Intigriti XSS challenge #2 write-up
Hi guys, Intigriti (a bug bounty platform) has released a nice XSS challenge at https://challenge.intigriti.io/2/#aW50aWdyaXRpLWNoYWxsZW5nZQ==

The challenge is over, so I think I have to write something :D

Here is their banner:

![Image](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEjQLfiFTWij_3F_3S1NDTGoEkoBMOJkx283AXg7ORPnfT8_UGcdjdT1jJ_gJ5a0qjSqITtvGRk_lxUhamJ8M79K8qiI2lHXWZVyMbB592nOGc8RB4-AR3bKK8_Sy-gdK6RW84lHXaeQjyE/s1600/intigriti_xss_challenge2.png)

In short, we have to exploit this vulnerable script to trigger a DOM-based XSS:

```html
<script>
  // Source: everything after "#" in the URL, chosen by whoever builds the link.
  var b64img = window.location.hash.substr(1);
  var xhttp = new XMLHttpRequest();
  xhttp.onreadystatechange = function () {
    if (this.readyState == 4 && this.status == 200) {
      var reader = new FileReader();
      reader.onloadend = function () {
        // Sink: the raw hash, its base64-decoded form and the fetched
        // response (as a data URL) are written into the page unescaped.
        document.write(`
          <a href="${b64img}" alt="${atob(b64img)}">
            <img src="${reader.result}">
          </a>`);
      }
      reader.readAsDataURL(this.response);
    }
  };
  xhttp.responseType = 'blob';
  // The raw hash is also used as the URL of the request.
  xhttp.open("GET", b64img, true);
  xhttp.send(); // listing is cut off after "x" on the page; send() is the call that follows open()
</script>
```
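The script above uses the hash three ways without validating it: as the request URL, as the `href`, and (decoded) as the `alt` text. As an added example that is not part of the original post or the challenge's code, here is one way to validate the hash once and build the same markup from escaped values only. The function names, `NAME_RE` (an assumed allowlist for image names), the `./` path layout and the accepted image types are assumptions.

```javascript
// Added example, not the challenge's code. NAME_RE is an assumed allowlist.
const NAME_RE = /^[a-z0-9-]{1,64}$/;
const B64_RE = /^[A-Za-z0-9+\/]+={0,2}$/;
const IMG_DATA_RE = /^data:image\/(png|jpeg|gif);base64,[A-Za-z0-9+\/]+={0,2}$/;

// atob/btoa in browsers, Buffer when run under Node.
const decodeB64 = (s) => (typeof atob === 'function'
  ? atob(s) : Buffer.from(s, 'base64').toString('latin1'));
const encodeB64 = (s) => (typeof btoa === 'function'
  ? btoa(s) : Buffer.from(s, 'latin1').toString('base64'));

// Escape every character that can close an attribute value or open a tag.
function escapeHtml(s) {
  return String(s).replace(/[&<>"'`]/g, (c) => `&#${c.charCodeAt(0)};`);
}

// Returns { name, url } for an acceptable hash, otherwise null.
function parseImageHash(hash) {
  const raw = String(hash).replace(/^#/, '');
  if (raw.length === 0 || raw.length % 4 !== 0 || !B64_RE.test(raw)) return null;
  let name;
  try { name = decodeB64(raw); } catch (e) { return null; }
  if (!NAME_RE.test(name)) return null;
  // Only the canonical encoding of an allowlisted name is accepted, and it is
  // percent-encoded into a fixed relative path; the raw hash is never a URL.
  const canonical = encodeB64(name);
  if (canonical !== raw) return null;
  return { name, url: './' + encodeURIComponent(canonical) };
}

// Same markup as the original template, built from validated, escaped values.
function renderImageLink(hash, dataUrl) {
  const img = parseImageHash(hash);
  // FileReader data URLs carry the response's MIME type; accept images only.
  if (!img || !IMG_DATA_RE.test(String(dataUrl))) return null;
  return `<a href="${escapeHtml(img.url)}" alt="${escapeHtml(img.name)}">`
    + `<img src="${escapeHtml(dataUrl)}"></a>`;
}
```

In a page, the validated values are better assigned through DOM properties (`a.href`, `img.alt`, `img.src`) on elements created with `document.createElement` than passed to `document.write`, so no HTML parsing of the input happens at all.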