Timestamps and weird emails— A solution for Intigriti’s 0321 challenge

Intercepting the request with Burp Suite
In addition to quoting using the backslash character, conventional double-quote characters may be used to surround strings. For example


"Fred Bloggs"@example.com
Payload: “id=’x’tabindex=’1'onfocus=’alert(flag.innerText)’”@a.b

Let’s bypass the CSRF protection

Ok, now it’s time to bypass the CSRF protection. Looking at the source of the page, we get an important hint:




Bug Bounty Hunter

Love podcasts or audiobooks? Learn on the go with our new app.

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store