What is it? @.@

Here is the place where I record some tactics about wargame, systems, and other security issues.

2013-05-22

Bright Shadows - /dev/null 1: "Only an easy text crypto."

Description:

Get the solution out of this text:

cross-Site scripting (xss) vulnerabilities are very often misunderstood and not given the due concern and Attention they deserve by vendors. xss is the preferred acronym for “cross-site scripting” simply to Minimize the confusion with cascading style sheets (css). simply put, a web application vulnerable to xss allows a user to inadvertently send malicious data to him or herself through that application. attackers often perform xss exploitation By crafting malicious urls and tricking users into clicking on them. these links cause client side scripting languages (vbscript, javascript, etc.) of the Attacker’s choice to execute on the victim’s browser. xss vulnerabilities are caused by a failure in the web application to properly validate user input.
______________      ________
|enter solution|    |Checkit!|

Solution:
  1. This challenge is about cryptography,  just find the special characters in the upper text. 
  2. Read the upper text and you'll find out there are some capital letters.
    cross-Site scripting (xss) vulnerabilities are very often misunderstood and not given the due concern and Attention they deserve by vendors. xss is the preferred acronym for “cross-site scripting” simply to Minimize the confusion with cascading style sheets (css). simply put, a web application vulnerable to xss allows a user to inadvertently send malicious data to him or herself through that application. attackers often perform xss exploitation By crafting malicious urls and tricking users into clicking on them. these links cause client side scripting languages (vbscript, javascript, etc.) of the Attacker’s choice to execute on the victim’s browser. xss vulnerabilities are caused by a failure in the web application to properly validate user input.
  3. Enter the answer and check it. Well done!

No comments:

Post a Comment