d2jsp
Log InRegister
d2jsp Forums > Off-Topic > Computers & IT > Programming & Development > Xss Challengs > @hackcommunity
Add Reply New Topic New Poll
Member
Posts: 827
Joined: Jan 16 2012
Gold: 0.00
Warn: 10%
Oct 23 2012 10:47am
Sup,

There's a nice challenge going on in hackcommunity, you guys might want to try it out. I've solved number 5, working on 6 now, pretty fun =)

http://www.hackcommunity.com/xss
Member
Posts: 827
Joined: Jan 16 2012
Gold: 0.00
Warn: 10%
Oct 23 2012 11:28am
Solved 6 now =)
Member
Posts: 1,628
Joined: Aug 11 2012
Gold: 628.00
Oct 23 2012 01:57pm
Im confused, what are you supposed to do, each challenge just has and enter your name a text field and a submit button, is there no description?
Member
Posts: 6,192
Joined: Dec 13 2010
Gold: 6,669.99
Oct 23 2012 02:21pm
Quote (Huayra @ Oct 23 2012 04:57pm)
Im confused, what are you supposed to do, each challenge just has and enter your name a text field and a submit button, is there no description?


google xss :/
for the first page enter something like <script>javascript:alert("hi")</script>

Anyways, StormHasHe you should approve your link before posting it by a moderator, and I doubt they'll approve it since it's a hacking site/forum.
Member
Posts: 1,628
Joined: Aug 11 2012
Gold: 628.00
Oct 23 2012 02:34pm
Quote (ShadowFiend @ Oct 23 2012 02:21pm)
google xss :/
for the first page enter something like <script>javascript:alert("hi")</script>

Anyways, StormHasHe you should approve your link before posting it by a moderator, and I doubt they'll approve it since it's a hacking site/forum.


i know what it is, i just didnt know if they were going to give u a hint, or you were going to have to do a guessing game on what they want..
Member
Posts: 827
Joined: Jan 16 2012
Gold: 0.00
Warn: 10%
Oct 23 2012 03:26pm
Quote (ShadowFiend @ Oct 23 2012 06:21pm)
Anyways, StormHasHe you should approve your link before posting it by a moderator, and I doubt they'll approve it since it's a hacking site/forum.


I see, I didn't think about it that way, I thought about it in a security manner. I've been doing a security update on one of the projects I'm working at, and while I was studying about prevention of XSS, CSRF and other forms of attacks, I've found that thread, witch is a simulation of a vulnerable site, and you can test your skills to identify exploits. I'm even organizing an event here at the company I work at, to try and solve the problems. I solved 7 already, working on 8 now, so i'll explain how it works for my co-workers and everything, and we'll make a kinda of context, to see who manages to solve most/all problems =)(of course I won't be participating, I'm going to help them with doubts)

Anyway, I think something like this is very constructive, even if it came from a hacking forum. We are in a programming forum, this has everything to do with programming.

edit:
I didn't know you had to "approve" something before posting it. How do we do this? send it by PM to a moderator?

edit2:
@Huayra
do a better google search for XSS, and you'll understand.

This post was edited by StormHasHe on Oct 23 2012 03:28pm
Member
Posts: 10,812
Joined: Oct 15 2009
Gold: Locked
Warn: 20%
Oct 23 2012 03:43pm
It is a link to a sandbox site that allows you to interactively experiment with how XSS attacks work, in a safe way. Teaching you exactly why its important to sanitize user input when coding a website, and giving you an idea how to sanitize them. How would this not be appropriate in the Programming Web Languages section? Oh, because it has the word "hack" in it, that must be the reason...

This post was edited by Azrad on Oct 23 2012 03:44pm
Member
Posts: 827
Joined: Jan 16 2012
Gold: 0.00
Warn: 10%
Oct 23 2012 06:00pm
Quote (Azrad @ Oct 23 2012 07:43pm)
It is a link to a sandbox site that allows you to interactively experiment with how XSS attacks work, in a safe way. Teaching you exactly why its important to sanitize user input when coding a website, and giving you an idea how to sanitize them. How would this not be appropriate in the Programming Web Languages section? Oh, because it has the word "hack" in it, that must be the reason...


I wonder if he even get to enter the site and find what its about... probably not
Go Back To Programming & Development Topic List
Add Reply New Topic New Poll