Web - Client

Client-side technologies implemented in the web browser

At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon the plot thickens ...

These challenges confront you to the use of scripting languages and client-side programming. They are mostly scripts to analyze and understand. This will allow you to learn languages which are in widespread use on the internet.

Prerequisites:
– Understanding a scripting language such javascript/vbscript
– Understanding the operation of a debugger such firebug/javascript console

42 Challenges

Results	Name	Validations ↓↑	Number of points	Difficulty	Author	Note	Solution	Date
	Javascript - Authentication	47% 157524	5		g0uZ		9	8 October 2006
	Javascript - Source	44% 149134	5		g0uZ		5	7 October 2006
	HTML - disabled buttons	44% 148481	5		Final		10	16 July 2017
	Javascript - Authentication 2	41% 137396	10		na5sim		4	3 February 2011
	Javascript - Obfuscation 1	39% 130346	10		Hel0ck		10	7 October 2006
	Javascript - Obfuscation 2	34% 112631	10		Hel0ck		8	3 February 2011
	Javascript - Native code	25% 83748	15		g0uZ		8	13 March 2011
	Javascript - Obfuscation 3	19% 61877	30		Hel0ck		10	4 February 2011
	XSS - Stored 1	12% 38840	30		g0uZ		10	3 March 2012
	Javascript - Webpack	8% 25300	15		CanardMandarin		3	11 August 2020
	CSRF - 0 protection	6% 19978	35		sambecks		8	16 February 2016
	XSS - Stored 2	3% 8953	50		g0uZ		7	4 March 2012
	CSRF - token bypass	3% 7111	45		sambecks		8	18 February 2016
	Javascript - Obfuscation 4	2% 6640	50		aaSSfxxx		5	18 July 2011
	Flash - Authentication	2% 6260	40		koma		1	18 June 2012
	XSS - Reflected	2% 6010	45		pickle		6	16 March 2018
	XSS DOM Based - Introduction	2% 5457	35		Ruulian		4	12 August 2021
	CSP Bypass - Inline code	2% 5227	35		CanardMandarin		8	27 October 2020
	XSS DOM Based - Eval	1% 2581	40		Ruulian		5	12 August 2021
	HTTP Response Splitting	1% 2358	70		Arod		3	7 November 2013
	XSS DOM Based - AngularJS	1% 2343	40		Ruulian		3	12 August 2021
	CSP Bypass - Dangling markup	1% 1622	45		CanardMandarin		1	27 October 2020
	XSS - Stored - filter bypass	1% 1443	80		Arod , sambecks		8	2 January 2016
	XSS DOM Based - Filters Bypass	1% 1351	50		Ruulian		7	12 August 2021
	CSP Bypass - Dangling markup 2	1% 1319	50		CanardMandarin		1	27 October 2020
	CSP Bypass - JSONP	1% 1307	45		CanardMandarin		5	27 October 2020
	AST - Deobfuscation	1% 1242	35		mhoste , Lxt3h		2	27 June 2023
	CSP Bypass - Nonce	1% 852	50		Ruulian		4	8 April 2022
	Web Socket - 0 protection	1% 848	35		Worty		1	22 October 2021
	XSS - DOM Based	1% 835	85		vic		6	24 December 2016
	Javascript - Obfuscation 5	1% 781	70		Hel0ck		3	4 February 2011
	CSS - Exfiltration	1% 573	50		Forgi , gwel		1	8 April 2022
	CSP Bypass - Nonce 2	1% 404	35		Ruulian		1	27 June 2023
	DOM Clobbering	1% 335	60		Mizu		1	8 April 2022
	Self XSS - DOM Secrets	1% 207	55		Mizu		3	28 July 2023
	XS Leaks	1% 180	75		Mizu		1	8 April 2022
	Relative Path Overwrite	1% 125	50		Mizu		1	28 July 2023
	Javascript - Obfuscation 6	1% 96	60		n3rada		0	27 April 2023
	Self XSS - Race Condition	1% 74	60		Mizu		1	28 July 2023
	Browser - bfcache / disk cache	1% 46	65		Mizu		0	28 July 2023
	Same Origin Method Execution	1% 31	90		Mizu		0	28 July 2023
	CSPT - The Ruler	1% 15	60		Rolix , Mizu		0	27 September 2024

Challenge Results

Pseudo	Challenge	Lang	Date
hblood_0	Javascript - Obfuscation 2		18 October 2024 at 03:39
hackwithstyle	CSP Bypass - Dangling markup		18 October 2024 at 03:24
hblood_0	Javascript - Obfuscation 1		18 October 2024 at 03:13
Matheus	XSS DOM Based - Introduction		18 October 2024 at 02:42
Anonymous	HTML - boutons désactivés		18 October 2024 at 02:41
catphisheur	Javascript - Obfuscation 2		18 October 2024 at 02:34
catphisheur	Javascript - Obfuscation 1		18 October 2024 at 02:32
catphisheur	Javascript - Authentification 2		18 October 2024 at 02:23
fanf	XSS - Volatile		18 October 2024 at 02:19
Romain	AST - Deobfuscation		18 October 2024 at 02:18