I am solving a CTF challenge. Is it possible to bypass this RE and execute JS injection?

```html
<script>
s=decodeURIComponent(location.search.substr(1));
if(/^[".=acdeimnotu]*$/.test(s))
  eval(s);
</script>
```

P.S. Don't worry, this is not a competitive challenge.

I tried to encode the payload, but nothing comes out.

Kubbi
  • 1
    What are you trying to send as a search string? If you want to reach the `eval` I guess you have to comply with the allowed chars from the regex. You could skip the regex by raising an error, but that would skip the `eval` too – Kaddath Jun 05 '23 at 10:44
  • 1
    You can pass `document.domain=""` which will pass the regex test. Changing `.domain` is generally restricted by the browser and will throw if you try and do this (as the domain property is used when enforcing SOP), but maybe that's what the CTF is after. – Nick Parsons Jun 05 '23 at 12:05
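
Added example (not part of the question or its comments): an offline audit of the page's filter showing that percent-encoding is undone before the regex runs, that a decoding error skips `eval` as well, and what a design without `eval` looks like. `auditQuery`, `handleQuery` and the `ACTIONS` table are hypothetical names, and the sample queries are constructed.

```javascript
// The character allowlist from the page's <script>, unchanged.
const PAGE_FILTER = /^[".=acdeimnotu]*$/;

// Report whether a query string would reach eval() on the page, and which
// decoded characters the allowlist rejects.
function auditQuery(search) {
  let decoded;
  try {
    // Same result as the page's location.search.substr(1) plus decoding.
    decoded = decodeURIComponent(search.slice(1));
  } catch (e) {
    // Malformed percent-encoding throws before the test, so eval never runs.
    return { reachesEval: false, decoded: null, rejected: [], error: e.name };
  }
  // Unique characters, in first-seen order, that fall outside the allowlist.
  const rejected = [...new Set(decoded)].filter((ch) => !PAGE_FILTER.test(ch));
  return { reachesEval: PAGE_FILTER.test(decoded), decoded, rejected, error: null };
}

// Hardened alternative (assumed design): the query only selects a named
// action from a fixed table; request text is never evaluated as code.
const ACTIONS = Object.freeze({
  ping: () => "pong",
  version: () => "1.0",
});

function handleQuery(search) {
  const name = new URLSearchParams(search).get("action");
  // hasOwnProperty keeps inherited names such as "constructor" out.
  if (name === null || !Object.prototype.hasOwnProperty.call(ACTIONS, name)) {
    return { ok: false, reason: "unknown action" };
  }
  return { ok: true, value: ACTIONS[name]() };
}

// Constructed sample queries: the string from the comment above, an encoded
// call that the filter rejects after decoding, and a malformed escape.
for (const q of ['?document.domain=%22%22', '?console.log%281%29', '?%']) {
  console.log(q, JSON.stringify(auditQuery(q)));
}
```
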

0 Answers