Variety Notes
by luc_f3r / bi0s
Tags: redos, csp-bypass
Rating: 4.0
tl;dr
Capturing the flag ID through a ReDoS attack on the /search endpoint
XSS in /uuid/noteid/raw and HTML injection in /uuid/noteid
CSP frame-src bypass through a server-side redirect
Original writeup: https://blog.bi0s.in/2024/02/26/Web/VarietyNotes-bi0sCTF2024/