<!DOCTYPE html>
<html lang="en">
<head>
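<!-- Declare the encoding first, in the short form, so the parser sees it before any text. -->
<meta charset="utf-8">
<title>Intigriti December Challenge</title>

<!-- Twitter card metadata. -->
<meta name="twitter:card" content="summary_large_image">
<meta name="twitter:site" content="@intigriti">
<meta name="twitter:creator" content="@intigriti">
<meta name="twitter:title" content="December XSS Challenge - Intigriti">
<meta name="twitter:description" content="Find the XSS and WIN Intigriti swag.">
<meta name="twitter:image" content="https://challenge-1221.intigriti.io/share.jpg">

<!-- Open Graph metadata. -->
<meta property="og:url" content="https://challenge-1221.intigriti.io">
<meta property="og:type" content="website">
<meta property="og:title" content="December XSS Challenge - Intigriti">
<meta property="og:description" content="Find the XSS and WIN Intigriti swag.">
<meta property="og:image" content="https://challenge-1221.intigriti.io/share.jpg">

<!--
  Third-party stylesheet. The CSS this endpoint returns can differ per user
  agent, so an integrity hash is not a practical pin here; a CSP allowlist for
  style and font sources is the usual control. The ampersand in the query
  string is escaped so it cannot be read as a character reference.
-->
<link rel="stylesheet" href="https://fonts.googleapis.com/css2?family=Poppins:wght@400;700&amp;display=swap">
<link rel="stylesheet" href="style.css">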
<style>
/* Positioning box for the plane illustration (the inline SVG). */
.container {
  height: 480px;
  width: 350px;
  -webkit-transform: translate(-50%, -50%);
  -ms-transform: translate(-50%, -50%);
  transform: translate(-50%, -50%);
  position: absolute;
  top: 12%;
  right: -32%;
  z-index: 1;
}

svg {
  position: absolute;
  top: 0;
  left: 0;
}

/* The whole plane bobs up and down. */
.plane {
  position: relative;
  -webkit-animation: float 3s infinite;
  animation: float 3s infinite;
}

/* The hand rocks between +10deg and -10deg around its centre. */
.hand {
  -webkit-transform: rotate(10deg);
  -ms-transform: rotate(10deg);
  transform: rotate(10deg);
  -webkit-animation: wave 1.5s infinite;
  animation: wave 1.5s infinite;
  -webkit-transform-origin: center;
  -ms-transform-origin: center;
  transform-origin: center;
}

/* The blade spins continuously around the X axis. */
.blade {
  -webkit-animation: spin 1s infinite linear;
  animation: spin 1s infinite linear;
  -webkit-transform-origin: 50% 54%;
  -ms-transform-origin: 50% 54%;
  transform-origin: 50% 54%;
}

/* Containing block for the absolutely positioned illustrations. */
section#wrapper {
  position: relative;
}

/* Keyframes: each animation is declared prefixed first, then unprefixed. */
@-webkit-keyframes float {
  50% {
    -webkit-transform: translateY(25px);
    transform: translateY(25px);
  }
}

@keyframes float {
  50% {
    -webkit-transform: translateY(25px);
    transform: translateY(25px);
  }
}

@-webkit-keyframes spin {
  100% {
    -webkit-transform: rotateX(360deg);
    transform: rotateX(360deg);
  }
}

@keyframes spin {
  100% {
    -webkit-transform: rotateX(360deg);
    transform: rotateX(360deg);
  }
}

@-webkit-keyframes wave {
  50% {
    -webkit-transform: rotate(-10deg);
    transform: rotate(-10deg);
  }
}

@keyframes wave {
  50% {
    -webkit-transform: rotate(-10deg);
    transform: rotate(-10deg);
  }
}
</style>
<style>
/* Short wiggle played once when the beard is hovered. */
@keyframes mustache-wiggle {
  0% {
    transform: rotate(0turn);
  }
  25% {
    transform: rotate(0.02turn) scale(1.1);
  }
  50% {
    transform: rotate(-0.02turn) scale(1.1);
  }
  75% {
    transform: rotate(0.02turn) scale(1.1);
  }
  100% {
    transform: rotate(0turn) scale(1);
  }
}

/* Outer box of the CSS-drawn face. */
.wrapper {
  margin: 30vh 0;
  position: absolute;
  left: -65%;
  top: 5%;
}

/*******************
  Hat
*******************/
.hat-wrapper {
  position: absolute;
  top: -170px;
}

.hat {
  min-width: 400px;
  height: 200px;
  background: #d00000;
  margin: 0 auto;
  border-radius: 100% 100% 0 0;
  transform: skew(0, -8deg);
}

/* Zero-size box: the visible triangle comes from the left border alone. */
.hat-top {
  width: 0;
  height: 0;
  border-style: solid;
  border-width: 123px 0 0 100px;
  border-color: transparent transparent transparent #d00000;
  position: absolute;
  right: -84px;
  bottom: -12px;
  transform: skew(0, 30deg);
}

.hat-top:before {
  content: "";
  display: block;
  /* Flat colour first as a fallback, gradient second. */
  background: white;
  background: radial-gradient(at top, #ffffff 0%, #e4e4e4 100%);
  width: 100px;
  height: 100px;
  position: relative;
  top: -50px;
  margin-left: -50px;
  border-radius: 100%;
  transform: skew(0, -23deg);
}

.hat-brim {
  width: 110%;
  min-width: 400px;
  height: 80px;
  border-radius: 40px;
  /* Flat colour first as a fallback, gradient second. */
  background: white;
  background: radial-gradient(at top, #ffffff 0%, #e4e4e4 100%);
  margin: 0 auto;
  position: relative;
  left: -5%;
  top: -40px;
}

/*******************
  Face and eyes
*******************/
.face {
  /* Auto width and height needs help */
  width: 40vw;
  min-width: 400px;
  min-height: 400px;
  max-width: 400px;
  border-radius: 30% 30% 90% 90%;
  background: radial-gradient(at 40% top, #f6e6b4 0%, #eaab5d 100%);
  margin: 0 auto;
  position: relative;
}

.eye {
  background: black;
  width: 30px;
  height: 30px;
  position: absolute;
  top: 100px;
  border-radius: 100%;
  transition: all 0.5s;
}

/* Hovering an eye flattens it to a 6px line. */
.eye:hover {
  height: 6px;
  margin-top: 12px;
}

.left-eye {
  left: 100px;
}

.right-eye {
  right: 100px;
}

/*******************
  Beard
*******************/
.beard {
  width: 110%;
  height: 80%;
  border-radius: 30% 30% 110% 110%;
  background: radial-gradient(at top, #ffffff 0%, #e4e4e4 100%);
  left: -5%;
  position: absolute;
  top: 50%;
}

.beard:hover .mustache {
  animation: mustache-wiggle 0.6s 1;
}

/* font-size 0 removes the inline gap between the two halves. */
.mustache {
  position: absolute;
  width: 60%;
  left: 20%;
  top: -40px;
  font-size: 0;
}

.mustache-left {
  width: 50%;
  height: 80px;
  background: radial-gradient(at top left, #e4e4e4 0%, #ffffff 100%);
  border-radius: 200% 40% 100%;
  box-shadow: -2px 6px 8px #e4e4e4;
  display: inline-block;
  box-sizing: border-box;
}

.mustache-right {
  width: 50%;
  height: 80px;
  background: radial-gradient(at top right, #e4e4e4 0%, #ffffff 100%);
  border-radius: 40% 200% 40% 100%;
  box-shadow: 2px 6px 8px #e4e4e4;
  display: inline-block;
  box-sizing: border-box;
}
</style>
<style>
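html {
  overflow-x: hidden;
}

/*
  One flake. Width, height and transform are set inline by the page script;
  this rule supplies only the shape and the soft-edged fill.
*/
.snowflake {
  display: block;
  position: absolute; /* was declared twice; once is enough */
  -webkit-border-radius: 50%;
  -moz-border-radius: 50%;
  border-radius: 50%;
  /* translateZ(0) on every flake, with vendor-prefixed fallbacks. */
  -webkit-transform: translateZ(0);
  -moz-transform: translateZ(0);
  -ms-transform: translateZ(0);
  -o-transform: translateZ(0);
  transform: translateZ(0);
  -webkit-user-select: none;
  -moz-user-select: none;
  user-select: none;
  /* Prefixed gradients take the legacy "position, shape" argument order. */
  background-image: -webkit-radial-gradient(
    center,
    circle farthest-corner,
    rgba(255, 255, 255, 1) 40%,
    rgba(255, 255, 255, 0) 100%
  );
  background-image: -moz-radial-gradient(
    center,
    circle farthest-corner,
    rgba(255, 255, 255, 1) 40%,
    rgba(255, 255, 255, 0) 100%
  );
  background-image: -ms-radial-gradient(
    center,
    circle farthest-corner,
    rgba(255, 255, 255, 1) 40%,
    rgba(255, 255, 255, 0) 100%
  );
  /*
    The unprefixed function takes "shape size at position". Written in the
    legacy order the declaration is invalid and gets dropped, leaving the
    flake dependent on a prefixed fallback.
  */
  background-image: radial-gradient(
    circle farthest-corner at center,
    rgba(255, 255, 255, 1) 40%,
    rgba(255, 255, 255, 0) 100%
  );
}

/* Full-viewport layer that hosts the flakes. */
#snow {
  position: fixed;
  width: 100%;
  height: 100%;
}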
</style>
</head>
<body>
<!-- Empty host element; the page script appends the snowflake divs to it after load. -->
<div id="snow"></div>
<section id="wrapper">
<!-- CSS-drawn face: every part is an empty div shaped by the inline style rules. -->
<div class="wrapper">
  <div class="face">
    <div class="hat-wrapper">
      <div class="hat">
        <div class="hat-top"></div>
      </div>
      <div class="hat-brim"></div>
    </div>
    <div class="eyes">
      <div class="eye left-eye"></div>
      <div class="eye right-eye"></div>
    </div>
    <div class="mouth"></div>
    <div class="beard">
      <div class="mustache">
        <div class="mustache-left"></div>
        <div class="mustache-right"></div>
      </div>
    </div>
  </div>
</div>
<!-- Static inline SVG illustration; only the .plane, .hand and .blade groups are animated by CSS. -->
<div class="container">
  <svg data-name="Layer 1" height="400" width="350" xmlns="http://www.w3.org/2000/svg">
    <!-- Transparent backdrop covering the full 350x400 canvas. -->
    <path d="M0 0h350v400H0z" fill="transparent"></path>

    <!-- Four cloud groups, three paths each. -->
    <g class="cloud" fill="#CCE6F4">
      <path d="M63 53h65a13 13 0 0113 13 13 13 0 01-13 13H61a12 12 0 01-12-12 14 14 0 0114-14z"></path>
      <path d="M83 26a19 19 0 0119 19v1a19 19 0 01-19 19h-2a18 18 0 01-18-18v-1a20 20 0 0120-20z"></path>
      <path d="M113 38a14 14 0 0114 14v1a14 14 0 01-14 14h-2a13 13 0 01-13-13v-1a15 15 0 0115-15z"></path>
    </g>
    <g class="cloud" fill="#CCE6F4">
      <path d="M202.936 343.907h52.943a10.589 10.589 0 0110.588 10.589 10.589 10.589 0 01-10.588 10.588h-54.572a9.774 9.774 0 01-9.774-9.774 11.403 11.403 0 0111.403-11.403z"></path>
      <path d="M219.226 321.916a15.476 15.476 0 0115.476 15.475v.815a15.476 15.476 0 01-15.476 15.475h-1.629a14.661 14.661 0 01-14.661-14.66v-.815a16.29 16.29 0 0116.29-16.29z"></path>
      <path d="M243.661 331.69a11.403 11.403 0 0111.403 11.403v.814a11.403 11.403 0 01-11.403 11.403h-1.629a10.589 10.589 0 01-10.588-10.588v-.815a12.218 12.218 0 0112.217-12.217z"></path>
    </g>
    <g class="cloud" fill="#CCE6F4">
      <path d="M12.936 245.907h52.943a10.589 10.589 0 0110.588 10.589 10.589 10.589 0 01-10.588 10.588H11.307a9.774 9.774 0 01-9.774-9.774 11.403 11.403 0 0111.403-11.403z"></path>
      <path d="M29.226 223.916a15.476 15.476 0 0115.476 15.475v.815a15.476 15.476 0 01-15.476 15.475h-1.629a14.661 14.661 0 01-14.661-14.66v-.815a16.29 16.29 0 0116.29-16.29z"></path>
      <path d="M53.661 233.69a11.403 11.403 0 0111.403 11.403v.814a11.403 11.403 0 01-11.403 11.403h-1.629a10.589 10.589 0 01-10.588-10.588v-.815A12.218 12.218 0 0153.66 233.69z"></path>
    </g>
    <g class="cloud" fill="#CCE6F4">
      <path d="M246.79835,143.07881h75.40328a15.04912,15.04912,0,0,1,15.04912,15.04912v0a15.0491,15.0491,0,0,1-15.0491,15.0491H244.79837a14.04912,14.04912,0,0,1-14.04912-14.04912v0A16.0491,16.0491,0,0,1,246.79835,143.07881Z"></path>
      <path d="M269.00509,111.82294h2.04917a21.04912,21.04912,0,0,1,21.04912,21.04912v3.04917a21.04909,21.04909,0,0,1-21.04909,21.04909h-4.04917A20.04912,20.04912,0,0,1,246.956,136.9212V133.872a22.04909,22.04909,0,0,1,22.04909-22.04909Z"></path>
      <path d="M304.522,125.71444h.47291A16.04912,16.04912,0,0,1,321.044,141.76356v1.47291a16.0491,16.0491,0,0,1-16.0491,16.0491H302.522a15.04912,15.04912,0,0,1-15.04912-15.04912v-1.47291A17.0491,17.0491,0,0,1,304.522,125.71444Z"></path>
    </g>

    <!-- Plane group: floats as a unit via the .plane rule. -->
    <g class="plane">
      <rect fill="#711723" height="43.645" rx="12.755" ry="12.755" width="25.511" x="215.747" y="157.738"></rect>
      <path d="M166.263 185.401h74.995v31.965h-74.995zM166.263 217.366h74.995a31.965 31.965 0 01-31.965 31.965h-43.03v-31.965z" fill="#f40009"></path>

      <!-- Hand group: rocks back and forth via the .hand rule. -->
      <g class="hand">
        <rect fill="#f6bfb1" height="9.113" rx="4.557" ry="4.557" transform="rotate(-120 149.62 157.393)" width="26.365" x="136.437" y="152.836"></rect>
        <path d="M144.906 163.746l11.978-6.916 20.407 35.346-11.978 6.916z" fill="#f40009"></path>
        <rect fill="#e6e6e6" height="6.973" rx="3.486" ry="3.486" transform="rotate(-30 149.312 157.7)" width="20.172" x="139.226" y="154.214"></rect>
      </g>

      <path d="M171.488 155.28h37.805v23.974h-37.805z" fill="#f6bfb1"></path>
      <path d="M165.956 185.093v64.545h-12.602v-.024c-.406.015-.818.024-1.23.024a32.272 32.272 0 110-64.545c.412 0 .824.01 1.23.025v-.025z" fill="#711723"></path>
      <path d="M161.345 185.093h4.918v64.545h-4.918z" fill="#300403"></path>
      <path d="M113.376 210.296v11.987h-2.34v-.004a6.053 6.053 0 01-.23.004 5.993 5.993 0 110-11.987c.077 0 .154.002.23.005v-.005z" fill="#f40009"></path>

      <g fill="#300403">
        <circle cx="155.505" cy="244.106" r="2.459"></circle>
        <circle cx="155.505" cy="190.933" r="2.459"></circle>
        <circle cx="155.505" cy="208.452" r="2.459"></circle>
        <circle cx="155.505" cy="226.586" r="2.459"></circle>
      </g>

      <!-- Blade: spins via the .blade rule. -->
      <rect class="blade" fill="#300403" height="98.354" rx="3.381" ry="3.381" width="6.762" x="113.244" y="167.266"></rect>
      <path d="M195.154 211.526h34.732a4.918 4.918 0 014.917 4.918 4.918 4.918 0 01-4.917 4.917h-34.732a4.918 4.918 0 01-4.917-4.917 4.918 4.918 0 014.917-4.918z" fill="#711723"></path>

      <g fill="#fff">
        <rect height="40.192" rx="7.963" ry="7.963" width="15.925" x="174.148" y="171.282"></rect>
        <rect height="40.192" rx="7.963" ry="7.963" width="15.925" x="188.824" y="171.282"></rect>
        <rect height="51.21" rx="7.963" ry="7.963" transform="rotate(-90 188.824 193.296)" width="15.925" x="180.862" y="167.691"></rect>
        <path d="M161.55 180.896a7.963 7.963 0 016.42-9.252l20.066-3.625a7.963 7.963 0 019.251 6.42 7.963 7.963 0 01-6.42 9.251l-20.066 3.626a7.963 7.963 0 01-9.251-6.42z"></path>
        <path d="M183.122 174.543a7.963 7.963 0 019.251-6.42l19.491 3.521a7.963 7.963 0 016.42 9.252 7.963 7.963 0 01-9.251 6.42l-19.491-3.522a7.963 7.963 0 01-6.42-9.25z"></path>
      </g>

      <rect fill="#711723" height="27.355" rx="3.227" ry="3.227" width="6.455" x="167.185" y="151.899"></rect>
      <rect fill="#711723" height="27.355" rx="3.227" ry="3.227" width="6.455" x="207.449" y="151.899"></rect>
      <circle cx="190.083" cy="165.883" fill="#e76160" r="3.842"></circle>
      <circle cx="190.083" cy="179.868" r="6.454"></circle>
      <path d="M167.185 148.21h46.718v7.069h-46.718zM213.903 145.137h-46.718a10.757 10.757 0 0110.757-10.758h25.204a10.757 10.757 0 0110.757 10.758z" fill="#f40009"></path>
      <path d="M167.185 143.907h46.718v4.303h-46.718z" fill="#711723"></path>
      <circle cx="181.016" cy="146.059" fill="#711723" r="7.377"></circle>
      <circle cx="181.016" cy="146.059" fill="#300403" r="5.62"></circle>
      <circle cx="200.072" cy="146.059" fill="#711723" r="7.377"></circle>
      <circle cx="200.072" cy="146.059" fill="#300403" r="5.62"></circle>
      <path d="M176.713 165.422s2.459-3.995 6.454 0M197.306 165.422s2.459-3.995 6.454 0" fill="none" stroke="#000" stroke-miterlimit="10" stroke-width="1.844"></path>
    </g>
  </svg>
</div>
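<!--
  Challenge rules card followed by the framed challenge page.
  Every link that opens a new tab carries rel="noopener" so the opened page
  receives no window.opener reference back to this document.
-->
<section id="rules">
  <div class="card-container" id="challenge-container">
    <div class="card-header">
      <img alt="creator" class="card-avatar" src="creator.jpg">
      Intigriti's December XSS challenge
      <br>
      By
      <a href="https://twitter.com/E1u5iv3F0x" target="_blank" rel="noopener">@E1u5iv3F0x</a>
    </div>
    <div class="card-content" id="challenge-info">
      <p>
        Find a way to execute arbitrary javascript on the iFramed page and win Intigriti swag.
      </p>
      <b>Rules:</b>
      <ul>
        <li>
          This challenge runs from 20 December until 26 December, 11:59 PM CET.
        </li>
        <li>
          Out of all correct submissions, we will draw
          <b>six</b>
          winners on Monday, 27th of December:
          <ul>
            <li>Three randomly drawn correct submissions</li>
            <li>Three best write-ups</li>
          </ul>
        </li>
        <li>
          <!-- The euro sign had been mangled by a wrong-charset decode. -->
          Every winner gets a €50 swag voucher for our
          <a href="https://swag.intigriti.com/" target="_blank" rel="noopener">swag shop</a>
        </li>
        <li>
          The winners will be announced on our
          <a href="https://twitter.com/intigriti" target="_blank" rel="noopener">Twitter profile</a>.
        </li>
        <li>
          For every 100 likes, we'll add a tip to the
          <a href="https://go.intigriti.com/challenge-tips" target="_blank" rel="noopener">announcement tweet</a>.
        </li>
        <li>
          Join our
          <a href="https://go.intigriti.com/discord" target="_blank" rel="noopener">Discord</a>
          to discuss the challenge!
        </li>
      </ul>
      <b>The solution...</b>
      <ul>
        <li>
          Should work on the latest version of Chrome
          <b>and</b>
          Firefox.
        </li>
        <li>
          Should execute
          <code>alert(document.domain)</code>.
        </li>
        <li>
          Should leverage a cross site scripting vulnerability on this domain.
        </li>
        <li>
          Shouldn't be self-XSS or related to MiTM attacks.
        </li>
        <li>
          Should be reported at
          <a href="https://go.intigriti.com/submit-solution">go.intigriti.com/submit-solution</a>.
        </li>
      </ul>
      <b>
        Test your payloads down below and
        <a href="challenge/index.php?payload=">at the challenge page here</a>!
      </b>
      <p>
        Let's pop that alert!
      </p>
    </div>
  </div>
  <div class="card-container">
    <!--
      The frame loads a relative URL, so it shares this page's origin, and it
      has no sandbox attribute: script running in the framed page is not
      isolated from this document. That suits a challenge host; a page that
      frames content it does not trust would add sandbox or serve the content
      from a separate origin. The title gives the frame an accessible name,
      and height is a plain pixel count as the attribute expects.
    -->
    <iframe height="600" src="challenge/index.php?payload=" title="Challenge page" width="100%"></iframe>
  </div>
</section>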
</section>
<script>
/**
 * Snow animation module.
 *
 * Exposes the Snowflake constructor plus Snowflake.init(container), which
 * creates the flakes, appends them to the container, installs the pointer,
 * touch and device-orientation handlers, and starts the animation loop.
 * Nothing here reads the URL or any other page input; the only inputs are
 * pointer coordinates, device orientation and random numbers.
 */
var Snowflake = (function() {
  var FLAKE_COUNT = 250;
  // Squared distance from the pointer within which a flake counts as "hit".
  var HIT_RADIUS_SQ = 2400;

  var flakes;
  var wind = 0;
  var mouseX;
  var mouseY;

  /**
   * One flake: its size, position, velocity and the div that renders it.
   */
  function Snowflake(size, x, y, vx, vy) {
    this.size = size;
    this.x = x;
    this.y = y;
    this.vx = vx;
    this.vy = vy;
    this.hit = false;
    this.melt = false;

    var el = document.createElement('div');
    this.div = el;
    el.classList.add('snowflake');
    el.style.width = size + 'px';
    el.style.height = size + 'px';
  }

  /**
   * Advance the flake by one frame and recompute whether it rests on the
   * pointer. A resting flake stays put and has a small chance per frame of
   * melting, which releases it.
   */
  Snowflake.prototype.move = function() {
    if (!this.hit) {
      // Wind is clamped to [-10, 10] before it is added to the drift.
      this.x += this.vx + Math.min(Math.max(wind, -10), 10);
      this.y += this.vy;
    } else if (Math.random() > 0.995) {
      this.melt = true;
    }

    // Wrap horizontally once the flake is fully off either side.
    if (this.x > window.innerWidth + this.size) {
      this.x -= window.innerWidth + this.size;
    }
    if (this.x < -this.size) {
      this.x += window.innerWidth + this.size;
    }

    // Past the bottom edge: re-enter above the top at a random column.
    if (this.y > window.innerHeight + this.size) {
      this.x = Math.random() * window.innerWidth;
      this.y -= window.innerHeight + this.size * 2;
      this.melt = false;
    }

    var dx = mouseX - this.x;
    var dy = mouseY - this.y;
    var abovePointer = this.y < mouseY;
    var nearPointer = dx * dx + dy * dy < HIT_RADIUS_SQ;
    this.hit = !this.melt && abovePointer && nearPointer;
  };

  /**
   * Write the current position to the element as a translate3d transform,
   * including the prefixed style properties.
   */
  Snowflake.prototype.draw = function() {
    var css = 'translate3d(' + this.x + 'px,' + this.y + 'px,0)';
    var style = this.div.style;
    style.webkitTransform = css;
    style.MozTransform = css;
    style.transform = css;
  };

  // One animation frame: step every flake (last to first), then reschedule.
  function update() {
    var index = flakes.length;
    while (index--) {
      flakes[index].move();
      flakes[index].draw();
    }
    requestAnimationFrame(update);
  }

  /**
   * Build the flakes inside `container`, wire up the input handlers and
   * start the loop.
   */
  Snowflake.init = function(container) {
    flakes = [];
    var remaining = FLAKE_COUNT;
    while (remaining--) {
      var size = (Math.random() + 0.2) * 12 + 1;
      var startX = Math.random() * window.innerWidth;
      var startY = Math.random() * window.innerHeight;
      var driftX = Math.random() - 0.5;
      var flake = new Snowflake(size, startX, startY, driftX, size * 0.3);
      container.appendChild(flake.div);
      flakes.push(flake);
    }

    // Pointer position drives both the hit test and the wind strength.
    container.onmousemove = function(event) {
      mouseX = event.clientX;
      mouseY = event.clientY;
      wind = (mouseX - window.innerWidth / 2) / window.innerWidth * 6;
    };

    // A touch only moves the hit point; the default action is suppressed.
    container.ontouchstart = function(event) {
      var touch = event.targetTouches[0];
      mouseX = touch.clientX;
      mouseY = touch.clientY;
      event.preventDefault();
    };

    // Device orientation sets the wind from the event's gamma value.
    window.ondeviceorientation = function(event) {
      if (event) {
        wind = event.gamma / 10;
      }
    };

    update();
  };

  return Snowflake;
}());
// Once the page has loaded, wait half a second and then start the snow
// inside the #snow element.
window.onload = function() {
  var startSnow = function() {
    Snowflake.init(document.getElementById('snow'));
  };
  setTimeout(startSnow, 500);
};
</script>
</body>
</html>