DOM Clobbering


So you've met Content-Security-Policy, the thing that ruins your day by refusing to run untrusted scripts. But almost every site ships JavaScript of its own, and CSP can't block that. If you can't bring your own script, you can try to hijack the one that's already there.

This module walks through DOM Clobbering: using plain HTML to overwrite JavaScript variables and bend existing code to your goals.



Challenges

Connect with SSH

Link your SSH key, then connect with: ssh [email protected]

This server has a very strong Content-Security-Policy, so it should be impossible for attackers to manipulate the webpage...

What if the elements that the JavaScript is looking for are not quite what it expects?

What else can be clobbered?

Check out my new golf game!

This server has a very strong Content-Security-Policy, so it should be impossible for attackers to manipulate the webpage...

What if a window attribute was misconfigured?

I don't get why we need to have a content security policy when we can just sanitize HTML...
