False Alarm
50 points
Description:
Try to make a dummy alert
Solution:
Viewing the page source, I found this code:

    function loadObj(){
        // sink: eval() runs whatever follows mass= in the URL fragment
        var cc=eval('('+unescape(aacc)+')');
        document.getElementById('msg').textContent=cc.message;
    }
    if(window.location.hash.indexOf('mass')==-1)
        var aacc='({"message":"Hello User!"})';
    else
        var aacc=location.hash.substr(window.location.hash.indexOf('mass=')+5);
    var tmp =location.hash;
    $.ajax({
        type: "POST",
        url: "Tc5IQib027qvyjSMfHjOMaLk.php",
        data: {"tmp":tmp},
        success: function(data,status){
            // second sink: the server's response is evaluated as code
            eval(data);
        }
    });
I understood that I needed to manipulate the URL and add a hash containing the string mass=, with the payload after it,
forming this URL: https://ch6.sbug.se/#mass=alert(%22xss%22)
Flag
FLAG{DOMDOM-XSS-1337}
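The fix for the eval() sink in loadObj above, as an added example that is not part of the original writeup or the challenge's own code: the fragment is parsed as data with JSON.parse, and anything that is not an object with a string message falls back to the default. The names messageFromHash, loadObjSafe and MAX_LEN are assumptions.

```javascript
// Added example: hardened replacement for loadObj(). Only the 'mass=' key,
// the 'msg' element id and the default message come from the page source.
const DEFAULT_MESSAGE = "Hello User!";
const MAX_LEN = 200; // assumed upper bound on the displayed message

// Return the raw text after "mass=" in a location.hash string, or null.
function extractMass(hash) {
  const idx = hash.indexOf("mass=");
  return idx === -1 ? null : hash.slice(idx + 5);
}

// Turn the fragment into a message string without ever executing it.
function messageFromHash(hash) {
  const raw = extractMass(hash);
  if (raw === null) return DEFAULT_MESSAGE;

  let obj;
  try {
    // decodeURIComponent throws on malformed percent-encoding;
    // JSON.parse throws on anything that is not pure JSON data.
    obj = JSON.parse(decodeURIComponent(raw));
  } catch (e) {
    return DEFAULT_MESSAGE;
  }

  // Accept only the expected shape: an object with a string "message".
  if (obj === null || typeof obj !== "object" || typeof obj.message !== "string") {
    return DEFAULT_MESSAGE;
  }
  return obj.message.slice(0, MAX_LEN);
}

// Browser wiring: textContent keeps the value as text, as the original did.
function loadObjSafe() {
  document.getElementById("msg").textContent =
    messageFromHash(window.location.hash);
}
```

The eval(data) in the $.ajax success handler needs the same treatment: have the endpoint return JSON and read fields from the parsed object instead of evaluating the response.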
https://github.com/MostafaMohamed888/writeups/blob/main/ODINCTF/2021/false_alarm.md