logo
Red team
Root-Me Web client challenges
  • Green team
  • Blue team
  • Purple team
  • Ty Myrddin
Initializing search
      • IN: Where the falcons and foxes roam
        • Swoop like falcons, silent, precise, and lethally patient
        • Mapping the lay of the land
        • Fox hunting through the digital wilds
        • A canopy of apple-blossom
          • Field notes from the fragrant branches of web app exploitation
          • Portswigger Academy labs: Controlled burn
          • Root-me: Orchard foraging
            • Root-Me Web client challenges
              • HTML disabled buttons
              • Javascript authentication
              • Javascript source
              • Javascript native code
              • XSS stored 1
              • CSP bypass inline
              • CSRF: zero protection
            • Root-Me Web client challenges
              • HTML disabled buttons
              • Javascript authentication
              • Javascript source
              • Javascript native code
              • XSS stored 1
              • CSP bypass inline
              • CSRF: zero protection
            • Root-Me Web server challenges
          • Petals and pentesting priorities
        • Getting a foothold in the top of the world tree
        • Hack the planet? Nah, just hold the door for me
        • Where wild boars plough through endpoints
        • Wolverines do not ask for permissions
        • Riches in the ground
      • THROUGH: Where the raccoons burrow and rummage
      • OUT: Where squirrels swipe the crown jewels

    Root-Me Web client challengesΒΆ

    Root Me Web Client challenges

    Puzzle with:

    • HTML disabled buttons
    • Javascript authentication
    • Javascript source
    • Javascript native code
    • XSS stored 1
    • CSP bypass inline
    • CSRF: zero protection
    Last update: 2025-05-12 14:16
    Back to top
    Previous Root-me: Orchard foraging
    Next HTML disabled buttons
    © Copyright 2025, TyMyrddin.
    Created using Sphinx 7.2.6. and Sphinx-Immaterial

    Made with love in the Unseen University, 2025, with a forest garden fostered by /ut7