DOM clobbering in CTF: https://github.com/ctfs/write-ups/tree/master/hack-lu-ctf-2014/hotcows-dating … also could use textarea w/user interaction - IMG src solution is wrong though->META works
-
-
Replying to @avlidienbrunn
@avlidienbrunn@mathias umm, can't u use mixture of textarea and <!--> to foil the first few unwanted META tags? just an idea1 reply 0 retweets 0 likes
Replying to @irsdl
@irsdl @avlidienbrunn No because `innerHTML` is used. We tried. I thought you knew of a way to include a resource inline using <meta>
4:19 AM - 24 Oct 2014
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.
JavaScript, HTML, CSS, HTTP, performance, security, Bash, Unicode, i18n, macOS.