Let's bypass that CSP - K!nd4SUS 2025 CTF
Автор: hexdump
Загружено: 12 апр. 2025 г.
Просмотров: 436 просмотров
Hi there!
Today we analyze a web challenge taken from K!nd4SUS 2025 CTF that has to do with CSP bypass. Specifically, we will analyze how to bypass the Content Security Policy by using the base HTML element.
If you're interested in the challenge and in the solution notes, you can subscribe to my patreon to access my private git server, where I host all the notes and assets showcased in the video.
Patreon: / hexdump
Coffee: https://buymeacoffee.com/hexdump
Git Server: https://git.hexdump.sh
Thank you very much for watching.
-------------------------
TIMESTAMP
00:00 Introduction
01:23 Challenge analysis
07:40 JavaScript Injection
10:45 Bypassing CSP with base element
13:15 Final Solution
17:33 Conclusion
-------------------------
REFERENCES
Material: https://github.com/LeonardoE95/yt-en/...
CSP Evaluator: https://csp-evaluator.withgoogle.com/
CTFtime event: https://ctftime.org/event/2703
-------------------------
CONTACTS
Patreon: / hexdump
Coffee: https://buymeacoffee.com/hexdump
Git: https://git.hexdump.sh
Blog: https://blog.leonardotamiano.xyz/
Доступные форматы для скачивания:
Скачать видео mp4
-
Информация по загрузке:
