Overview
Learn how to solve the "sanity" web challenge from Amateurs CTF 2023 in this detailed video walkthrough that demonstrates advanced web security concepts including DOM clobbering, prototype pollution, and XSS attacks. Follow along with a step-by-step breakdown of the challenge's functionality, comprehensive code review, and vulnerability chain analysis. Master practical exploitation techniques as you explore DOM clobbering implementation, execute prototype pollution attacks, and craft XSS payloads to steal cookies. Gain valuable insights into web security testing through hands-on demonstrations, complete with detailed explanations suitable for beginners in penetration testing and CTF competitions.
Syllabus
Start
Explore functionality
Code review
Vulnerability chain breakdown
Browser issue detour
Attack plan
Step 1: Clobber the DOM
Step 2: Prototype Pollution
Step 3: XSS steal cookie
Recap
End
Taught by
CryptoCat