Logo

Alfin's Notes

  • Home
  • Posts
  • About
  • Tags

 RSS  GitLab  GNOME GitLab

päääd - Hack.lu CTF 2023

󰃭 2024-05-26 |  #writeups

tl;dr

  • meta redirect to attacker website, using the html injection in the paaad.
  • leak the unique subdomain with csp violation.
  • Another meta redirect csrf with the leaked subdomain to make the note public.

Continue reading 

<<< 1 [2]

2025 © Some copyright notice - my license

Ficurinia theme for Hugo by Gabriele Musco. Licensed under GNU AGPLv3.