4 Solutions

You should validate this challenge first

Challenge Results

Pseudo	Challenge	Lang	Date
Akshou	CSP Bypass - Nonce		27 March 2025 at 22:55
Blood_self	CSP Bypass - Nonce		27 March 2025 at 17:06
lant052626	CSP Bypass - Nonce		27 March 2025 at 11:12
Ssor	CSP Bypass - Nonce		26 March 2025 at 16:59
Xess14	CSP Bypass - Nonce		26 March 2025 at 08:39
Staban	CSP Bypass - Nonce		23 March 2025 at 21:49
Yashwanth	CSP Bypass - Nonce		23 March 2025 at 19:52
Mister9999	CSP Bypass - Nonce		22 March 2025 at 13:31
croaker	CSP Bypass - Nonce		21 March 2025 at 14:03
__mHax__	CSP Bypass - Nonce		21 March 2025 at 09:39

0
10
20
30
40
50
60
70
80
...

42 Challenges

Results	Name	Validations	Number of points	Difficulty ↓↑	Author	Note	Solution	Date
	HTML - disabled buttons	44% 156359	5		Final		10	16 July 2017
	Javascript - Source	44% 155961	5		g0uZ		5	7 October 2006
	Javascript - Authentication 2	41% 143936	10		na5sim		4	3 February 2011
	Javascript - Obfuscation 1	39% 136400	10		Hel0ck		10	7 October 2006
	Javascript - Obfuscation 2	33% 117929	10		Hel0ck		8	3 February 2011
	Javascript - Authentication	47% 164837	5		g0uZ		9	8 October 2006
	Javascript - Native code	25% 87456	15		g0uZ		8	13 March 2011
	Javascript - Webpack	8% 27410	15		CanardMandarin		3	11 August 2020
	XSS DOM Based - Eval	1% 2922	40		Ruulian		5	12 August 2021
	XSS DOM Based - Filters Bypass	1% 1518	50		Ruulian		7	12 August 2021
	XSS - Stored 2	3% 9498	50		g0uZ		7	4 March 2012
	Javascript - Obfuscation 4	2% 6916	50		aaSSfxxx		5	18 July 2011
	CSP Bypass - Dangling markup 2	1% 1462	50		CanardMandarin		1	27 October 2020
	XSS - Reflected	2% 6416	45		pickle		6	16 March 2018
	CSP Bypass - JSONP	1% 1434	45		CanardMandarin		5	27 October 2020
	CSP Bypass - Dangling markup	1% 1774	45		CanardMandarin		1	27 October 2020
	CSRF - token bypass	3% 7442	45		sambecks		8	18 February 2016
	XSS DOM Based - AngularJS	1% 2625	40		Ruulian		3	12 August 2021
	CSP Bypass - Inline code	2% 5748	35		CanardMandarin		8	27 October 2020
	Flash - Authentication	2% 6425	40		koma		1	18 June 2012
	XSS - Stored 1	12% 41087	30		g0uZ		10	3 March 2012
	AST - Deobfuscation	1% 1793	35		mhoste , Lxt3h		2	27 June 2023
	Javascript - Obfuscation 3	18% 64456	30		Hel0ck		10	4 February 2011
	CSP Bypass - Nonce 2	1% 582	35		Ruulian		1	27 June 2023
	CSRF - 0 protection	6% 20924	35		sambecks		8	16 February 2016
	Web Socket - 0 protection	1% 917	35		Worty		1	22 October 2021
	XSS DOM Based - Introduction	2% 6105	35		Ruulian		4	12 August 2021
	Browser - bfcache / disk cache	1% 62	65		Mizu		0	28 July 2023
	XSS - DOM Based	1% 862	85		vic		6	24 December 2016
	XSS - Stored - filter bypass	1% 1535	80		Arod , sambecks		8	2 January 2016
	XS Leaks	1% 193	75		Mizu		1	8 April 2022
	Javascript - Obfuscation 5	1% 800	70		Hel0ck		3	4 February 2011
	HTTP Response Splitting	1% 2433	70		Arod		3	7 November 2013
	DOM Clobbering	1% 387	60		Mizu		1	8 April 2022
	Self XSS - Race Condition	1% 90	60		Mizu		1	28 July 2023
	Javascript - Obfuscation 6	1% 113	60		n3rada		0	27 April 2023
	CSP Bypass - Nonce	1% 1032	50		Ruulian		4	8 April 2022
	CSPT - The Ruler	1% 21	60		Rolix , Mizu		0	27 September 2024
	Self XSS - DOM Secrets	1% 241	55		Mizu		3	28 July 2023
	Relative Path Overwrite	1% 173	50		Mizu		1	28 July 2023
	CSS - Exfiltration	1% 648	50		Forgi , gwel		1	8 April 2022
	Same Origin Method Execution	1% 40	90		Mizu		0	28 July 2023

CSP Bypass - Nonce

50 Points

Always do random

Author

Level

Validations

Note

4 Solutions

Challenge Results

42 Challenges