Chaining Script Gadgets to Full XSS - All The Little Things 2/2 (web) Google CTF 2020

Channel:

Subscribers:

920,000

Published on October 8, 2020 5:23:26 PM ● Video Link: https://www.youtube.com/watch?v=UGtrpXk6QVU

Duration: 13:46

25,911 views

1,095

In the second part we are building on top of what we have learned. We figure out how to craft something special out of a very limited script gadget. Eventually we can use it to leak the secret notes ID and notes content.

Part 1: https://www.youtube.com/watch?v=dZXaQKEE3A8
Challenge: https://capturetheflag.withgoogle.com/challenges/web-littlethings
Pasteurize: https://www.youtube.com/watch?v=Tw7ucd2lKBk

00:00 - Recap Part 1
00:20 - Start of the Attack Chain
00:54 - Control the Theme Callback
02:29 - Prior JSONP Capability Research
04:40 - innerHTML Breakthrough
06:13 - Content Security Policy Fail
07:19 - iframe CSP Bypass
08:31 - The Solution
10:09 - Chaining Three Gadgets
11:34 - Researching Cool XSS Techniques
12:00 - Solving the Challenge
13:25 - Outro

-=[ ❤️ Support ]=-

→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ 🐕 Social ]=-

→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/

Other Videos By LiveOverflow

2021-02-05	Does Hacking Require Programming Skills?
2021-01-22	Reading Kernel Source Code - Analysis of an Exploit
2021-01-10	Kernel Root Exploit via a ptrace() and execve() Race Condition
2020-12-24	IT Security Career Advice
2020-12-01	My Life in Short/Shirt Stories - The Time I Learned PenSpinning (~2007-2009) - Shirt Stories #1
2020-11-26	Solving Nintendo HireMe!!! with "Basic" Math
2020-11-19	Nintendo Hire me!!!!!!!!
2020-11-07	How Hacking Actually Looks Like - ALLES! CTF Team in Real Time
2020-10-26	What is a File Format?
2020-10-18	Guessing vs. Not Knowing in Hacking and CTFs
2020-10-08	Chaining Script Gadgets to Full XSS - All The Little Things 2/2 (web) Google CTF 2020
2020-09-28	Failed DOM Clobbering Research - All The Little Things 1/2 (web) Google CTF 2020
2020-09-18	XSS on the Wrong Domain T_T - Tech Support (web) Google CTF 2020
2020-09-09	XSS a Paste Service - Pasteurize (web) Google CTF 2020
2020-09-01	Why Hackers Love the Number 1,094,795,585
2020-08-25	FPGA simulated on a GPU - GPURTL Google CTF Finals 2019 (reversing)
2020-08-21	Winners of Google Capture-The-Flag Finals 2019 🏳️
2020-08-16	Defusing a Bomb at Google London HQ - Having a Blast Google CTF Finals 2019 (hardware)
2020-08-12	Google CTF Finals 2019!
2020-08-08	Bug Hunter Talks & Init.G for Student - Escal8 2019 Day 2
2020-07-31	Script Gadgets! Google Docs XSS Vulnerability Walkthrough

Tags:

Live Overflow

liveoverflow

hacking tutorial

how to hack

exploit tutorial

google ctf

capture the flag

all the little things

csp

iframe

csp bypass

script gadget

xss

csrf

dom clobbering

srcdoc

pasteurize

cross site scripting