Web - Client
mercredi 28 octobre 2020, 12:53 #1
CSP Bypass - Inline code
Hello,
What is the ’FLAG’ that we need to get ? is it a cookie or something else ? I find a way to bypass the filter, however I am not sure what value we need to get to validate this challenge.
I can share a screenshot of my progress if needed.
Thank you for your help :)
vendredi 30 octobre 2020, 18:46 #4
CSP Bypass - Inline code
Same, got some 403 when I try some tricks...
For hookbin did your request works with you ?
vendredi 30 octobre 2020, 21:13 #5
CSP Bypass - Inline code
@Naelpuissant You’re not allowed to use script tag, you should try by using another HTML tag that has a JS event (on...=....)
I am at the same part as the author, still don’t know what is the flag.. According to the documentation it could something related to the template engine ?
Thanks