Full Stack Conf: A Dose of JavaScript Injection
Introduction:
Welcome to our latest cybersecurity exploration! This time, our journey takes us to Full Stack Conf, a virtual hub for exploring the future of JavaScript with leading industry professionals. The caveat? An un-sanitized 'Stay Up to Date' form and a diligent admin who regularly checks the emails. Well, it wouldn't be much fun without a hint of challenge, would it?
Machine name: Full Stack Conf
Difficulty: Easy
Category: Web
Description:
Welcome to Full Stack Conf, explore the future of JavaScript with a lineup of industry professionals and discover new techniques to advance your career as a web developer. But be very careful with the stay up to date form, we don't sanitize anything and the admin logs in and checks the emails regularly, don't try anything funny!! 😅
Exploring the Website:

After initializing the machine, we obtained the IP address and began exploring the site in a web browser. As we scrolled down the page, we encountered a curious note - "Stay up-to-date on Full Stack Conf or pop an alert() to get the flag."

Tapping into JavaScript Injection:
Seeing an email input box just below the note, an idea popped into our minds - what if we could use a classic JavaScript injection? So, we decided to give it a shot. We entered a script tag with an alert function, i.e., <script>alert("hi")</script>, into the email box.

Success - We Struck Gold:
To our delight, the gamble paid off! On entering the script, we were rewarded with the sought-after flag.
Understanding the Vulnerability:
Let's delve a little into the details of this successful exploit. The vulnerability here is a form of Cross-Site Scripting (XSS), where input submitted through a web application's fields is not adequately sanitized before it is displayed. This vulnerability allows an attacker to inject client-side scripts into web pages viewed by other users.
In our case, the 'Stay up to Date' form lacked proper sanitization measures, enabling us to inject a JavaScript code snippet that triggered an alert dialog. When the admin logged in and checked the emails (which were not sanitized), the script ran, and the flag was revealed.
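To see the fix from the developer's side, here is an added example (not the challenge's own code) that renders the admin's email list the vulnerable way and the hardened way, and validates the address before it is stored. The function names and the sample sign-ups are assumptions made for illustration.

```javascript
// Added example: names and sample data are assumptions, not the challenge's code.

// Constructed sample of stored sign-ups, including the payload from the walkthrough.
const signups = ['alice@example.com', '<script>alert("hi")</script>'];

// Vulnerable: stored input is concatenated straight into the admin view's markup.
function renderUnsafe(emails) {
  return '<ul>' + emails.map((e) => '<li>' + e + '</li>').join('') + '</ul>';
}

// Encode the five characters that are significant in HTML text and attributes.
const HTML_ESCAPES = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// Hardened output: every stored value is encoded at the point it enters HTML,
// so the browser shows the payload as text instead of running it.
function renderSafe(emails) {
  return '<ul>' + emails.map((e) => '<li>' + escapeHtml(e) + '</li>').join('') + '</ul>';
}

// Input-side check: a conservative allow-list for the shape of an address.
function isPlausibleEmail(value) {
  return typeof value === 'string' && value.length <= 254 &&
    /^[A-Za-z0-9._%+-]+@[A-Za-z0-9-]+(\.[A-Za-z0-9-]+)+$/.test(value);
}

// Submission handler: only values that pass validation reach the store.
function acceptSignup(store, value) {
  if (!isPlausibleEmail(value)) return false;
  store.push(value);
  return true;
}
```

Output encoding is the control that closes the hole; input validation only narrows what can be stored, so both are applied here.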
Conclusion:
Our adventure with Full Stack Conf showcases how the absence of input sanitization can open a door for attackers, even when JavaScript is our playground. Injecting a simple JavaScript alert gave us the flag and provided a stern reminder of the importance of input sanitization in web development. So the next time you see an un-sanitized input field, remember - it might be more than meets the eye!