Advent Of Cyber 3 - Day 5

Posted on Dec 5, 2021
tl;dr: Blind XSS

Log in to the elf forum and click any of the posts.

Create a new post with the content: <script>fetch('/settings?new_password=pass123');</script>

Wait about a minute, then try to log in as the grinch with the password pass123. It should succeed: the grinch moderates the forum quite frequently, so his browser loads the post, runs the script in his session, and changes his own password.

Deactivate the buttmas plugin to receive the flag: THM{NO_MORE_BUTTMAS}
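
The post above works because the forum renders the stored post body as markup and /settings changes the password on a plain GET without asking for the current one. The following is an added example, not the forum's code (which this write-up does not show), of both fixes in Node.js; every function and field name in it is hypothetical.

```javascript
// Added defensive example, not the forum's real code; all names are hypothetical.
const crypto = require('crypto');

// Encode HTML-significant characters so a stored comment renders as text.
function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// Vulnerable rendering: the stored comment is concatenated into the page as markup.
function renderCommentUnsafe(body) {
  return '<div class="comment">' + body + '</div>';
}

// Hardened rendering: the same comment, output-encoded.
function renderCommentSafe(body) {
  return '<div class="comment">' + escapeHtml(body) + '</div>';
}

// Constructed account record holding a salted scrypt hash of the password.
function makeAccount(password) {
  const salt = crypto.randomBytes(16);
  return { salt, hash: crypto.scryptSync(password, salt, 32) };
}

// Recompute the hash with the stored salt and compare in constant time.
function verifyPassword(account, candidate) {
  const h = crypto.scryptSync(String(candidate), account.salt, 32);
  return crypto.timingSafeEqual(h, account.hash);
}

// Hardened password change: no state change on GET, and the current password
// is required, so a script running in a moderator's session cannot set a new
// password without knowing the old one. Returns an HTTP status code.
function changePassword(req, account) {
  if (req.method !== 'POST') return 405;
  const body = req.body || {};
  if (!verifyPassword(account, body.current_password || '')) return 403;
  if (typeof body.new_password !== 'string' || body.new_password === '') return 400;
  Object.assign(account, makeAccount(body.new_password));
  return 200;
}

// Constructed sample: the post body used in this write-up.
const SAMPLE = "<script>fetch('/settings?new_password=pass123');</script>";
```

A CSRF token alone would not stop this request, because a script injected into the page runs same-origin and can read the token; the current-password check and the output encoding are the controls that matter here.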

EOF