Challenge Quito

Steal Jane’s token using XSS.

  1. You have access to Isaac’s profile
  2. Build a proper script injection with JavaScript
  3. Insert the script in Isaac’s bio
  4. Wait for the next visit of another user (Jane) to Isaac’s profile
  5. Get the token of Jane using the injection

Credentials

   username   password
   isaac      user

Tools

  • You can use a tool like webhook.site to handle HTTP requests

Tips

  • Webhook.site provides a URL to send requests to and captures details about each one, like query params ;3
  • Jane is a bot that visits Isaac’s profile every 5 seconds (and logs this action in the console)
  • User tokens are stored in localStorage with the key: token
  • Tokens may take a moment to load on the page, so it is recommended that you wait 500ms before reading them
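
For the defensive side of this challenge, here is an added example (not code from the challenge image; the function names, the CSP and the sample bio are assumptions). It shows the unescaped bio rendering that makes stored XSS possible next to an escaped version and a restrictive Content-Security-Policy.

```javascript
// Added illustration; not code from the ctf-quito image. All names are hypothetical.
// Constructed sample bio: benign markup that would execute in a visitor's
// browser if the profile page echoed the stored bio verbatim.
const SAMPLE_BIO =
  'Hi, I am Isaac <img src=x onerror="console.log(1)"><script>console.log(2)</script>';

// Vulnerable pattern: the stored bio is concatenated into the page as HTML.
function renderBioUnsafe(bio) {
  return `<p class="bio">${bio}</p>`;
}

const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };

// Encode every character that can open a tag, attribute or entity.
function escapeHtml(text) {
  return String(text).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened pattern: the bio is always treated as text, never as markup.
function renderBioSafe(bio) {
  return `<p class="bio">${escapeHtml(bio)}</p>`;
}

// Defence in depth: no inline script, and outbound requests limited to the
// site's own origin, so markup that slips through cannot call an external host.
function profileCsp() {
  return [
    "default-src 'self'",
    "script-src 'self'",
    "connect-src 'self'",
    "img-src 'self'",
    "form-action 'self'",
    "base-uri 'none'",
  ].join('; ');
}

// Count tags that survive as live markup inside the rendered bio paragraph.
function liveTags(html) {
  const inner = html.replace(/^<p class="bio">/, '').replace(/<\/p>$/, '');
  return (inner.match(/<[a-zA-Z/][^>]*>/g) || []).length;
}

console.log('unsafe live tags:', liveTags(renderBioUnsafe(SAMPLE_BIO)));
console.log('safe live tags:  ', liveTags(renderBioSafe(SAMPLE_BIO)));
console.log('Content-Security-Policy:', profileCsp());
```

Output encoding removes the injection point itself. Keeping the session token in an HttpOnly cookie instead of localStorage additionally keeps it out of reach of any script that does run on the page.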

Usage

Run container

   docker run -it --name quito -p 9999:9999 ghcr.io/platzi/ctf-quito:main

Show logs of container

   docker logs --follow quito

Stop container

   [Ctrl]+[C]
   // or, in another tab
   docker stop quito

Remove container

   docker container rm quito

Remove image

   docker rmi ghcr.io/platzi/ctf-quito:main