🚨 I uploaded files to my repository: https://github.com/arkark/my-ctf-challenges/tree/main/challenges/202409_IERAE_CTF_2024/web/leakleakleak
- CTFtime: https://ctftime.org/event/2441/
You can download challenge files from: leakleakleak.tar.gz
- The download link will be unavailable in the future.
Summary
- ID attribute leak with
hidden="until-found"
- Time-based XS-Leak: Busy process by many CSP errors with lazy loading iframes
index.js
public/index.html