0822: Business Card Generator

Video Walkthrough

Challenge Description

Find a way to execute arbitrary javascript on the iFramed page and win Intigriti swag.

Useful Resources

• XSS cheatsheet

• CSRF

• Fuzzing for XSS via nested parsers condition

• Angular CSP bypass

• UNI CTF 2021: A Complex Web Exploit Chain & a 0day to Bypass an Impossible CSP

Community Writeups

1. brunomodificato (challenge creator)

2. huli (challenge creator)