Web - Client

Client-side technologies implemented in the web browser

At first you will be faced with problems that will require little to no knowledge of web scripting language. Pretty soon the plot thickens ...

These challenges confront you to the use of scripting languages and client-side programming. They are mostly scripts to analyze and understand. This will allow you to learn languages which are in widespread use on the internet.

Prerequisites:
– Understanding a scripting language such javascript/vbscript
– Understanding the operation of a debugger such firebug/javascript console

41 Challenges

Results	Name	Validations	Number of points	Difficulty ↓↑	Author	Note	Solution	Date
	HTML - disabled buttons	44% 143392	5		Final		10	16 July 2017
	Javascript - Source	44% 144815	5		g0uZ		5	7 October 2006
	Javascript - Authentication 2	41% 133339	10		na5sim		4	3 February 2011
	Javascript - Obfuscation 1	39% 126515	10		Hel0ck		10	7 October 2006
	Javascript - Obfuscation 2	34% 109275	10		Hel0ck		8	3 February 2011
	Javascript - Authentication	47% 152940	5		g0uZ		9	8 October 2006
	Javascript - Native code	25% 81214	15		g0uZ		8	13 March 2011
	Javascript - Webpack	8% 23989	15		CanardMandarin		3	11 August 2020
	XSS DOM Based - Eval	1% 2339	40		Ruulian		5	12 August 2021
	XSS DOM Based - Filters Bypass	1% 1218	50		Ruulian		6	12 August 2021
	XSS - Stored 2	3% 8640	50		g0uZ		7	4 March 2012
	Javascript - Obfuscation 4	2% 6482	50		aaSSfxxx		5	18 July 2011
	CSP Bypass - Dangling markup 2	1% 1233	50		CanardMandarin		1	27 October 2020
	XSS - Reflected	2% 5723	45		pickle		6	16 March 2018
	CSRF - token bypass	3% 6895	45		sambecks		8	18 February 2016
	CSP Bypass - Dangling markup	1% 1532	45		CanardMandarin		1	27 October 2020
	CSP Bypass - JSONP	1% 1232	45		CanardMandarin		5	27 October 2020
	XSS DOM Based - AngularJS	1% 2126	40		Ruulian		3	12 August 2021
	CSP Bypass - Inline code	2% 4899	35		CanardMandarin		8	27 October 2020
	Flash - Authentication	2% 6176	40		koma		1	18 June 2012
	XSS - Stored 1	12% 37392	30		g0uZ		10	3 March 2012
	AST - Deobfuscation	1% 930	35		mhoste , Lxt3h		2	27 June 2023
	Javascript - Obfuscation 3	19% 60185	30		Hel0ck		10	4 February 2011
	CSP Bypass - Nonce 2	1% 281	35		Ruulian		1	27 June 2023
	CSRF - 0 protection	6% 19438	35		sambecks		8	16 February 2016
	Web Socket - 0 protection	1% 807	35		Worty		1	22 October 2021
	XSS DOM Based - Introduction	2% 5044	35		Ruulian		4	12 August 2021
	Browser - bfcache / disk cache	1% 30	65		Mizu		0	28 July 2023
	XSS - DOM Based	1% 813	85		vic		6	24 December 2016
	XSS - Stored - filter bypass	1% 1378	80		Arod , sambecks		8	2 January 2016
	XS Leaks	1% 171	75		Mizu		1	8 April 2022
	Javascript - Obfuscation 5	1% 768	70		Hel0ck		3	4 February 2011
	HTTP Response Splitting	1% 2295	70		Arod		3	7 November 2013
	Javascript - Obfuscation 6	1% 76	60		n3rada		0	27 April 2023
	Self XSS - Race Condition	1% 54	60		Mizu		0	28 July 2023
	CSP Bypass - Nonce	1% 758	50		Ruulian		4	8 April 2022
	DOM Clobbering	1% 304	60		Mizu		1	8 April 2022
	Self XSS - DOM Secrets	1% 177	55		Mizu		3	28 July 2023
	Relative Path Overwrite	1% 91	50		Mizu		0	28 July 2023
	CSS - Exfiltration	1% 530	50		Forgi , gwel		1	8 April 2022
	Same Origin Method Execution	1% 21	90		Mizu		0	28 July 2023

Challenge Results

Pseudo	Challenge	Lang	Date
flol178	Javascript - Obfuscation 3		2 June 2024 at 20:55
Renek	Self XSS - Race Condition		2 June 2024 at 20:51
Nishacid	Self XSS - Race Condition		2 June 2024 at 20:45
mz4r	CSRF - contournement de jeton		2 June 2024 at 20:44
BRODERO	Javascript - Authentification		2 June 2024 at 20:43
gelsoninho	Javascript - Source		2 June 2024 at 20:42
bill[RPT]	Javascript - Webpack		2 June 2024 at 20:42
gelsoninho	Javascript - Authentification 2		2 June 2024 at 20:41
$D(γ83R	XSS - Stockée 2		2 June 2024 at 20:14
BRODERO	Javascript - Obfuscation 1		2 June 2024 at 20:12