🏆 The official writeup for the August '24 (DEF CON) Challenge, which involves client-side path traversal (shout-out to @criticalthinkingpodcast), open redirect and XSS. We received 36 valid submissions (and 9 awesome writeups). In this video, we'll break down the solution 🧠 #DefCon #Intigriti #HackWithIntigriti #CTF #BugBounty #WebSecurity #AppSec #PenTesting
Full blog/writeup: https://bugology.intigriti.io/intigri...
Follow CryptoCat: _cryptocat
Solve the challenge: https://challenge-0824.intigriti.io
🧑💻 Sign up and start hacking right now - https://go.intigriti.com/register
🐱💻 Can't get enough of these challenges? - https://blog.intigriti.com/hackademy/...
👾 Join our Discord - https://go.intigriti.com/discord
🎙️ This show is hosted by _cryptocat (@_CryptoCat) & intigriti
👕 Do you want some Intigriti Swag? Check out https://swag.intigriti.com
0:00 Intro
1:26 Site functionality
3:25 Source code review
10:22 CSPT
17:30 Open redirect
23:23 CORS
25:51 XSS
29:30 Conclusion