Chaining Script Gadgets to Full XSS - All The Little Things 2/2 (web) Google CTF 2020
In the second part we are building on top of what we have learned. We figure out how to craft something special out of a very limited script gadget. Eventually we can use it to leak the secret notes ID and notes content.

Part 1: https://www.youtube.com/watch?v=dZXaQKEE3A8
Challenge: https://capturetheflag.withgoogle.com/challenges/web-littlethings
Pasteurize: https://www.youtube.com/watch?v=Tw7ucd2lKBk

00:00 - Recap Part 1
00:20 - Start of the Attack Chain
00:54 - Control the Theme Callback
02:29 - Prior JSONP Capability Research
04:40 - innerHTML Breakthrough
06:13 - Content Security Policy Fail
07:19 - iframe CSP Bypass
08:31 - The Solution
10:09 - Chaining Three Gadgets
11:34 - Researching Cool XSS Techniques
12:00 - Solving the Challenge
13:25 - Outro

-=[ ❤️ Support ]=-
→ per Video: https://www.patreon.com/join/liveoverflow
→ per Month: https://www.youtube.com/channel/UClcE-kVhqyiHCcjYwcpfj9w/join

-=[ Social ]=-
→ Twitter: https://twitter.com/LiveOverflow/
→ Website: https://liveoverflow.com/
→ Subreddit: https://www.reddit.com/r/LiveOverflow/
→ Facebook: https://www.facebook.com/LiveOverflow/