https://x3ric.com/blog/tags/xss/CTF notes, systems work, and writeups.Hugoen-usSat, 06 Jun 2026 21:41:13 +0200https://x3ric.com/blog/posts/HackTheBox-OnlyHacks-Challenge/https://x3ric.com/blog/posts/HackTheBox-OnlyHacks-Challenge/Fri, 28 Feb 2025 00:20:00 +0800challengehtbwebxssOnlyHacks: use the client-side injection path to steal the needed proof and recover the flag.https://x3ric.com/blog/posts/HackTheBox-SpookTastic-Challenge/https://x3ric.com/blog/posts/HackTheBox-SpookTastic-Challenge/Sat, 30 Nov 2024 09:20:00 +0800challengehtbwebxssSpookTastic: use the client-side injection path to steal the needed proof and recover the flag.https://x3ric.com/blog/posts/HackTheBox-Feedback-Flux-Challenge/https://x3ric.com/blog/posts/HackTheBox-Feedback-Flux-Challenge/Sat, 02 Nov 2024 09:20:00 +0800challengehtbwebxssphpFeedback Flux: use the client-side injection path to steal the needed proof and recover the flag.