XSS Missions Feasible?

[thedotmaster]

Hey guys,
XSS is quite a widespread vulnerability (49% sites vulnerable, etc) and one that is ideal for the younger users to learn as a starter.
But no XSS missions? The response from the devs is that it's too hard to monitor whether the person who attempts the mission has actually completed it.
Let's say the challenge (lol) is to make an alert box come up (challenging shit) - the answer would be <script>alert(/xss/)</script> and a few variations of that.
http://www.hackthissite.org/missions/xs ... ate.php?q=<script>alert(/xss/)</script> could register the fact that the user has completed it, right?
What else could you do with the XSS? Perhaps using " to escape inputs in a form and add other details that are then submitted? I'm not sure.
Anyone else got any ideas?

[Nines]

It's easy to tell with an alert box, but different people use different syntax and the more in-depth the challenges get, the longer the answers get. Then you need more validation of answers. We've seen what happened with Extbasic.7 when you can have more than one possible solution to a mission. People get pissy over it and end up disliking the challenge. :/

[koryo]

i don't see why people should get pissy over it, they are here to learn, so when they learn a method that works on a mission, telling them to go back and revisit it, and try a different method should be welcomed, as it is yet another learning experience...

[thedotmaster]

Of course there are more possible answers but couldn't someone write a bit of code that looks for certain elements, e.g. "<input", or something similar, rather than the entire string?

[Mindzai]

It's easy to tell with an alert box, but different people use different syntax and the more in-depth the challenges get, the longer the answers get. Then you need more validation of answers. We've seen what happened with Extbasic.7 when you can have more than one possible solution to a mission. People get pissy over it and end up disliking the challenge. :/

Its not having multiple possible correct answers that annoys people, its the fact that only ONE of these possible answers is accepted. Like you say more validation of the answers is needed but is that such a bad thing? It's not a huge amount of extra work to stick a switch statement in and lowercase the answer before comparison cos arbitrary case sensitivity doesnt help.

Code: Select all

$pass = false;
switch (strtolower($the_answer)){
    case '1st possible answer':
    case '2nd possible answer':
    case '3rd possible answer':
    // etc...
        $pass = true;
        break;
}


[Karec]

Eh even with the difficulty in writing them, XSS is so widespread these days I do feel there should at least be one mission that can address this topic.

As for dealing with multiple answers, have at least two people who know XSS very well try to brainstorm all the possible answers and make it a multiple answer problem.

[Nines]

Eh even with the difficulty in writing them, XSS is so widespread these days I do feel there should at least be one mission that can address this topic.

As for dealing with multiple answers, have at least two people who know XSS very well try to brainstorm all the possible answers and make it a multiple answer problem.

Realistic 9, Realistic 11, Extbasic 7 deal with XSS.. I suppose you could have more extbasic missions based around XSS, like filter evasion etc.. I could see that working.

[mosshack]

I dont think XXS Mission as such in there own catorgory, i would like to see more XXS within other missions. Like in realistic missions have a hidden vulnerability and if the user finds that then they can use that to there advantage.
I think this would be a good idea, also it would make challenges more a challenge

[thedotmaster]

I dont think XXS Mission as such in there own catorgory, i would like to see more XXS within other missions. Like in realistic missions have a hidden vulnerability and if the user finds that then they can use that to there advantage.
I think this would be a good idea, also it would make challenges more a challenge

Yeah I agree with this actually. I'm not too sure how you would use an XSS to your advantage though, any ideas?

[mosshack]

Use it to your advantage e.g. You can use it to find a hidden password file and so on. Just an idea.