Web - Client Web - Client

Client-side technologies implemented in the web browser

At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon the plot thickens ...

These challenges confront you to the use of scripting languages and client-side programming. They are mostly scripts to analyze and understand. This will allow you to learn languages which are in widespread use on the internet.

Prerequisites:
 Understanding a scripting language such javascript/vbscript
 Understanding the operation of a debugger such firebug/javascript console

challenges 42 Challenges

Results Name Validations Number of points  Explanation for the scores Difficulty  Difficulty Author Note   Notation Solution Date
pas_valide Javascript - Obfuscation 5 1% 785 70 Hel0ck 3 4 February 2011
pas_valide Javascript - Webpack 8% 25777 15 CanardMandarin 3 11 August 2020
pas_valide Flash - Authentication 2% 6299 40 koma 1 18 June 2012
pas_valide Javascript - Obfuscation 4 2% 6718 50 aaSSfxxx 5 18 July 2011
pas_valide AST - Deobfuscation 1% 1360 35 mhoste , Lxt3h 2 27 June 2023
pas_valide Javascript - Obfuscation 3 19% 62445 30 Hel0ck 10 4 February 2011
pas_valide XSS - Stored - filter bypass 1% 1471 80 Arod , sambecks 8 2 January 2016
pas_valide Javascript - Obfuscation 6 1% 100 60 n3rada 0 27 April 2023
pas_valide CSP Bypass - Dangling markup 2 1% 1353 50 CanardMandarin 1 27 October 2020
pas_valide XSS - DOM Based 1% 842 85 vic 6 24 December 2016
pas_valide Self XSS - Race Condition 1% 76 60 Mizu 1 28 July 2023
pas_valide Web Socket - 0 protection 1% 867 35 Worty 1 22 October 2021
pas_valide CSS - Exfiltration 1% 597 50 Forgi , gwel 1 8 April 2022
pas_valide Browser - bfcache / disk cache 1% 47 65 Mizu 0 28 July 2023
pas_valide XSS - Reflected 2% 6107 45 pickle 6 16 March 2018
pas_valide Javascript - Native code 25% 84626 15 g0uZ 8 13 March 2011
pas_valide CSPT - The Ruler 1% 17 60 Rolix , Mizu 0 27 September 2024
pas_valide CSRF - token bypass 3% 7171 45 sambecks 8 18 February 2016
pas_valide HTTP Response Splitting 1% 2370 70 Arod 3 7 November 2013
pas_valide CSP Bypass - Nonce 2 1% 446 35 Ruulian 1 27 June 2023
pas_valide XSS - Stored 1 12% 39354 30 g0uZ 10 3 March 2012
pas_valide CSRF - 0 protection 6% 20173 35 sambecks 8 16 February 2016
pas_valide CSP Bypass - Inline code 2% 5357 35 CanardMandarin 8 27 October 2020
pas_valide XS Leaks 1% 180 75 Mizu 1 8 April 2022
pas_valide Same Origin Method Execution 1% 31 90 Mizu 0 28 July 2023
pas_valide XSS DOM Based - AngularJS 1% 2411 40 Ruulian 3 12 August 2021
pas_valide CSP Bypass - Nonce 1% 891 50 Ruulian 4 8 April 2022
pas_valide Self XSS - DOM Secrets 1% 216 55 Mizu 3 28 July 2023
pas_valide XSS DOM Based - Introduction 2% 5601 35 Ruulian 4 12 August 2021
pas_valide CSP Bypass - Dangling markup 1% 1663 45 CanardMandarin 1 27 October 2020
pas_valide XSS DOM Based - Eval 1% 2671 40 Ruulian 5 12 August 2021
pas_valide XSS - Stored 2 3% 9088 50 g0uZ 7 4 March 2012
pas_valide Javascript - Source 44% 150955 5 g0uZ 5 7 October 2006
pas_valide Javascript - Obfuscation 2 34% 113967 10 Hel0ck 8 3 February 2011
pas_valide XSS DOM Based - Filters Bypass 1% 1390 50 Ruulian 7 12 August 2021
pas_valide Javascript - Authentication 2 41% 139075 10 na5sim 4 3 February 2011
pas_valide CSP Bypass - JSONP 1% 1343 45 CanardMandarin 5 27 October 2020
pas_valide Javascript - Authentication 47% 159423 5 g0uZ 9 8 October 2006
pas_valide Javascript - Obfuscation 1 39% 131849 10 Hel0ck 10 7 October 2006
pas_valide HTML - disabled buttons 44% 150496 5 Final 10 16 July 2017
pas_valide DOM Clobbering 1% 342 60 Mizu 1 8 April 2022
pas_valide Relative Path Overwrite 1% 140 50 Mizu 1 28 July 2023

Challenge Results Challenge Results

Pseudo Challenge Lang Date
Erreur303 Web - Client  XSS - Stockée 1 fr 21 November 2024 at 18:55
Abu Web - Client  Javascript - Obfuscation 1 fr 21 November 2024 at 18:50
Binouze Web - Client  Javascript - Native code fr 21 November 2024 at 18:49
NSM-le-hacker-du-siècle Web - Client  XSS - Stockée 1 fr 21 November 2024 at 18:45
NSM-le-hacker-du-siècle Web - Client  Javascript - Obfuscation 3 fr 21 November 2024 at 18:44
NSM-le-hacker-du-siècle Web - Client  Javascript - Native code fr 21 November 2024 at 18:41
NSM-le-hacker-du-siècle Web - Client  Javascript - Obfuscation 2 fr 21 November 2024 at 18:40
Binouze Web - Client  Javascript - Obfuscation 2 fr 21 November 2024 at 18:38
Binouze Web - Client  Javascript - Obfuscation 1 fr 21 November 2024 at 18:36
Abu Web - Client  Javascript - Authentification 2 fr 21 November 2024 at 18:30