In this post, I will explain how I found an authentication bypass, and further explored the functionality of the website, to increase the impact of the submission. The target had a wide scope and the main domain did not have that much functionality, so after a quick look around, I…

Table of contents Introduction Explaining the code Initial ideas and method of solving The solution Introduction As always, I started with reading the rules. The goal is to alert() the following flag: {THIS_IS_THE_FLAG}. Hmm.. this is new! With the previous challenges I’ve solved the goal was to execute document.domain. …

Why does my title say “Hacking” when it’s just an XSS challenge? Because I didn’t solve the challenge, I hacked the game. When you open the challenge page, the first thing you see is this: This is a game called “18 Game” and its goal is to have…

While I was reading some of Inti De Ceukelaire’s old writeups, I came across “How I got your phone number through Facebook”. Facebook’s reply on his submission was that the “Who can look me up” settings are set to Public. After reading this, I decided to have a look at…

As always, I started with reading the rules. The goal is to execute alert(document.domain) on the challenge-1220.intigriti.io domain. Self XSS and MiTM attacks are not in scope, and the solution should work on the latest version of Firefox and Chrome. The first thing I did was using the calculator like…

Like you should do with every challenge, I started with reading the rules. Those were clear. The goal was to execute alert(document.domain) on the challenge-1120.intigriti.io domain, without using self-xss or MiTM attacks. The attack should work in the latest version of Chrome and Firefox. While looking at the html of…