Skip to main content

Cure53 XSSMas Hacking Challenge 2016 Underway

Cure53 XSSMas Challenge, initiated in 2013, is a recurring hacking event, where those challenged have to solve a complex security puzzle in order to win money and fame, attempting to hack a web site in any means necessary.

'Any means', does not preclude rules of engagement. For example the 2015 challenge required hacking without user interaction, i.e setting a XSS trap and waiting for it to be activated as in the case of blind XSS.

So as not to spoil your fun with this year's challenge, which has been posted today, here we'll look back to last year's challenge required hackers to begin with index.php and progressively break through index3.php in order to obtain the price.
What was actually required is nicely summed up in:
  • Find a way to bypass the XSS filters of all browsers by realizing, the string

Comments

Popular posts from this blog

Ingres vs Postgres MVCC Explained With Neo4j's LLM Knowledge Graph Builder

 LLM Knowledge Graph Builder is an application designed to turn unstructured data such as pdfs, text documents, YouTube videos, and web pages, into a knowledge graph stored in Neo4j, promising much better accuracy than simple RAG (Retrieval-Augmented Generation). https://www.i-programmer.info/news/80-java/17967-ingres-vs-postgres-mvcc-explained-with-neo4js-llm-knowledge-graph-builder-.html

The Advent of SQL 2024 Has Commenced

  It's Advent - the time of year when we countdown the days to Christmas - and if your are a programmer complete daily coding challenges with the Advent of Code, the Advent of Perl, the Advent of Java, Javascriptmas, etc. Now we have the Advent of SQL too with 24 SQL challenges to complete before Christmas! https://www.i-programmer.info/news/204-challenges/17678-the-advent-of-sql-2024-has-commenced.html