Blog



Featured posts

Web, Scripting, Filter Bypass

Intigriti March XSS Challenge (0325)

A hard Cross-Site Scripting challenge chaining small bugs with one very hard step to leak a fragment directive using Self XSS

Web

Cache Deception on my new site!

A fun story about discovering my site was vulnerable to Cache Deception, allowing the visit of a link by me to leak all hidden blog posts to an attacker, thanks to URL-decoding and Path Traversals to confuse cache rules

Web, Scripting

x3CTF - blogdog (+ new CSS Injection XS-Leak!)

A "hard web xssbot" challenge about a fun browser quirk with the is= attribute to perform CSS Injection. Bypass the strict CSP with an unintended new technique to XS-Leak a selector's result by detecting the site crashing

External

PwnedDoc: Hacking a Reporting Tool

Finding 5 CVEs in the PwnDoc pentest reporting tool, angular-expressions and docx-templater. This includes multiple 1-click Remote Code Execution vulnerabilities by escaping the JavaScript sandbox in the templating engine.