Skip to content
This repository has been archived by the owner on Jul 4, 2023. It is now read-only.

H5SC Mini Challenge 4

Jump to bottom
Cure53 edited this page Apr 1, 2016 · 18 revisions

H5SC Mini-Challenge 4

This challenge was public for a few hours on 1st of April 2016. It involved Flash, ExternalInterface, one obvious - and another less obvious solution.

Source Code

{
    import flash.display.Sprite;
    import flash.external.ExternalInterface;
    import flash.text.TextField;
    
    public class Main extends Sprite
    {
        public function Main() 
        {
            ExternalInterface.call('console.dir', loaderInfo.parameters);
            var text:TextField = new TextField();
            text.height = 200;
            text.width = 600;
            text.text = "Can you XSS me? Execute an alert(1) and win fame and glory :)\r\nSend a mail to [email protected] once you did it.";
            text.text += loaderInfo.parameters.text?loaderInfo.parameters.text:"";
            addChild(text);
        }
    }
}

The obvious solution

TBD

The not so obvious solution

TBD

Clone this wiki locally