CSP Bypass - Dangling markup

45 Points

Becareful browsers have their own logic

Author

CanardMandarin, 27 October 2020

Level

Validations

1417 Challengers 1%

Note

83 Votes

To reach this part of the site please login

1 Solution

Display solutions Submit a solution

Challenge Results

Pseudo	Challenge	Lang	Date
Haft	CSP Bypass - Dangling markup		3 December 2023 at 12:04
Senchurion	CSP Bypass - Dangling markup		2 December 2023 at 14:04
ribt	CSP Bypass - Dangling markup		29 November 2023 at 22:37
Ilyes	CSP Bypass - Dangling markup		29 November 2023 at 02:11
melinoix	CSP Bypass - Dangling markup		28 November 2023 at 18:59
jrfelliplourde	CSP Bypass - Dangling markup		28 November 2023 at 01:37
fabdeldongo	CSP Bypass - Dangling markup		25 November 2023 at 19:46
vojty	CSP Bypass - Dangling markup		23 November 2023 at 12:57
b4ckd00r	CSP Bypass - Dangling markup		21 November 2023 at 06:53
Arna	CSP Bypass - Dangling markup		21 November 2023 at 01:43

41 Challenges

Results	Name	Validations	Number of points	Difficulty	Author	Note	Solution	Date
	HTML - disabled buttons	44% 134333	5		Final		10	16 July 2017
	Javascript - Authentication	47% 144701	5		g0uZ		9	8 October 2006
	Javascript - Source	44% 137106	5		g0uZ		5	7 October 2006
	Javascript - Authentication 2	41% 125982	10		na5sim		4	3 February 2011
	Javascript - Obfuscation 1	39% 119667	10		Hel0ck		10	7 October 2006
	Javascript - Obfuscation 2	34% 103289	10		Hel0ck		8	3 February 2011
	Javascript - Native code	25% 76468	15		g0uZ		8	13 March 2011
	Javascript - Webpack	8% 21936	15		CanardMandarin		3	11 August 2020
	Javascript - Obfuscation 3	19% 57039	30		Hel0ck		9	4 February 2011
	XSS - Stored 1	12% 35135	30		g0uZ		10	3 March 2012
	AST - Deobfuscation	1% 550	35		mhoste , Lxt3h		2	27 June 2023
	CSP Bypass - Inline code	2% 4437	35		CanardMandarin		8	27 October 2020
	CSP Bypass - Nonce 2	1% 76	35		Ruulian		0	27 June 2023
	CSRF - 0 protection	6% 18454	35		sambecks		8	16 February 2016
	Web Socket - 0 protection	1% 750	35		Worty		1	22 October 2021
	XSS DOM Based - Introduction	2% 4339	35		Ruulian		4	12 August 2021
	Flash - Authentication	2% 5951	40		koma		1	18 June 2012
	XSS DOM Based - AngularJS	1% 1814	40		Ruulian		3	12 August 2021
	XSS DOM Based - Eval	1% 1919	40		Ruulian		4	12 August 2021
	CSP Bypass - Dangling markup	1% 1417	45		CanardMandarin		1	27 October 2020
	CSP Bypass - JSONP	1% 1143	45		CanardMandarin		5	27 October 2020
	CSRF - token bypass	3% 6541	45		sambecks		8	18 February 2016
	XSS - Reflected	2% 5266	45		pickle		5	16 March 2018
	CSP Bypass - Dangling markup 2	1% 1088	50		CanardMandarin		1	27 October 2020
	CSP Bypass - Nonce	1% 637	50		Ruulian		4	8 April 2022
	CSS - Exfiltration	1% 457	50		Forgi , gwel		1	8 April 2022
	Javascript - Obfuscation 4	2% 6213	50		aaSSfxxx		5	18 July 2011
	Relative Path Overwrite	1% 37	50		Mizu		0	28 July 2023
	XSS - Stored 2	3% 8031	50		g0uZ		7	4 March 2012
	XSS DOM Based - Filters Bypass	1% 1092	50		Ruulian		5	12 August 2021
	Self XSS - DOM Secrets	1% 134	55		Mizu		3	28 July 2023
	DOM Clobbering	1% 265	60		Mizu		1	8 April 2022
	Javascript - Obfuscation 6	1% 42	60		n3rada		0	27 April 2023
	Self XSS - Race Condition	1% 25	60		Mizu		0	28 July 2023
	Browser - bfcache / disk cache	1% 23	65		Mizu		0	28 July 2023
	HTTP Response Splitting	1% 2150	70		Arod		3	7 November 2013
	Javascript - Obfuscation 5	1% 752	70		Hel0ck		3	4 February 2011
	XS Leaks	1% 148	75		Mizu		1	8 April 2022
	XSS - Stored - filter bypass	1% 1308	80		Arod , sambecks		8	2 January 2016
	XSS - DOM Based	1% 784	85		vic		6	24 December 2016
	Same Origin Method Execution	1% 16	90		Mizu		0	28 July 2023