memosec

## 0724.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                memosec
                / 0724.md
            
            
              Created
              July 3, 2024 17:59
            
              
                 Intigriti's July 2024 Web Challenge thanks to a_l and wubz
              
          
    Intigriti July Challenge

The challenge of this month was relatively easy for me as I had recently done a challenge on rootme where I learned a trick that was needed in this challenge. It was cool to see my learning paid off.
The Challenge

Here is the link to the challenge https://challenge-0724.intigriti.io/challenge.
We have the ability to input text, and it will be reflected on the page and the url. When we try to inject a script like <script>alert(1)</script> it's blocked by the CSP. Only scripts with the correct hash are executed by the browser. Now let's take a look at how secure that CSP is:


## 0524.md

      
              1 file
            
          
              0 forks
            
          
                0 comments
              
            
              0 stars
            
          
                memosec
                / 0524.md
            
            
              Created
              May 8, 2024 20:45
            
              
                Intigriti's May 2024 Web Challenge thanks to @stealthcopter

              
    Intigriti May Challenge

This is my first write-up ever for a challenge. Glad I was able to solve this challenge, which
I had a lot of fun from in the process.
The challenge link: challenge
Overview

The code for this challenge is short, I will only paste the relevant PHP code block here:
<?php