- Published on
A detailed walkthrough of the Political web challenge from IRIS CTF 2025, covering token validation, admin cookie exploitation, and URL encoding techniques.
Web-security
All Posts
- ctf (5)
- pwn (3)
web-security (2)
- web (2)
- crypto (2)
- reversing (2)
- forensics (2)
- osint (2)
- thm (2)
- window-postmessage (1)
- xss (1)
- javascript (1)
- security (1)
- buffer_overflow (1)
- csecindia (1)
- nsec (1)
- dnssec (1)
- digging-for-flags (1)
- n0ps (1)
- react (1)
- nextjs (1)
- cve-2025-55182 (1)
- react2shell (1)
- wordpress (1)
- ssrf (1)
- rce (1)
- plugin (1)
- localhost (1)
- 0000 (1)
- loopback (1)
- networking (1)
- servers (1)
- challenge (1)
- injection (1)
- url-encoding (1)
- puppeteer (1)
- Published on
An in-depth look at the risks of using window postMessage and how improper use can lead to XSS vulnerabilities.