🐻
CTF Notes
  • Home
  • General
    • Hints
    • Formats
    • Links
    • Reversing
  • Binary
    • Basics
    • Vectors
    • Evasion
    • Payloads
    • Heap
    • Tools
  • Web
    • Web
    • Javascript
    • PHP
  • System
    • Escape
    • Escalation
    • Shells
  • Crypto
    • Hints
Powered by GitBook
On this page
  • Javascript
  • Character restrictions
  • Unicode shenanigans
  • Leaks
  • Exfiltration
  1. Web

Javascript

PreviousWebNextPHP

Last updated 3 years ago

Javascript

Character restrictions

If your injected code is HTML-escaped, you can use backticks ` to get strings through. Just be aware that these strings are templates, and will be interpolated.

Unicode shenanigans

Leaks

A function's .toString() renders its full source code, including comments!

function a() {
    /* Top sneaky: flag{1234} */
}
console.log(a.toString());

Exfiltration

Change the DOM inside an iframe

The host page isn't supposed to communicate with other domains. If you spawn an iframe and change some DOM in the host, it will be inherited in the guest. Oops.

Something on sandboxes
Only ()+[]!
Only +[]{}!$`
No parentheses
Cool encoder
Of course
Technique