

My Stripe CTF 2.0 walkthrough - jasiek
http://jasiek.posterous.com/stripe-ctf-20-walkthrough

======
fuzionmonkey
I also really liked the XSS levels. I thought it was clever how they used
PhantomJS to simulate a victim. It kind of makes it more fun than just a
regular exploit.

On level 6 I got around the quotes limitation by using
eval(String.fromCharCode(11, 22, 33, 44, etc));

For fun I tried using <http://news.ycombinator.com/item?id=4365868>, which
worked, though if the script was long it would end up being truncated.

