Puzzle 01

This lab presents a puzzle designed to help you trigger a Cross-Site Scripting (XSS) vulnerability. The key to solving this challenge lies in understanding how the Ruby method String#gsub operates, especially concerning backreferences when a match is found.

To begin, explore the method String#gsub and pay special attention to backreferences. Examples provided, like "hello".gsub(/l+/, "\0") and "hello".gsub(/l+/, "\&"), will be particularly useful. Ensure that you fully grasp why the payload you discover works, as this understanding is crucial for mastering XSS vulnerabilities.