XSS Challenge

12th Nov. ~ 29th Nov. 10AM UTC

Send the answer

Challenges

Challenge 1

by @hamayanhamayan

Challenge 2

by @ryotkak

Guest Author

Challenge3

by @kinugawamasato

Rules

  1. Execute alert(origin) on each challenge origins (challenge-hamayan.quiz.flatt.training, 34.171.202.118, challenge-kinugawa.quiz.flatt.training).
  2. You must exploit XSS in each challenges.
  3. Unusual user interactions are not allowed, the exploit must execute alert(origin) when you open a link.
  4. You can refer to the source code for each challenge.
  5. Once you solved the challenge, please submit the answer via Google Form. Please explain in writing how you solved the challenge.
Access the source code Send the answer(Google Form)

About Flatt Security

Flatt Security, based in Tokyo, offers expert security assessments and penetration testing for software. Our seasoned professionals deliver proven, top-tier services. We also provide tools to help you internalize cutting edge, state of the art security practices.

See our Web sites See our research blog