Basic Mission 5

[Prokc001]

thankyou very much again monica! that hint taught me alot im really starting to like this site.
if people are stuck you should really listen to the mods.

[kenizl_86]

I'm not asking for the answer, but I'm a total newbie at all to all of this stuff, I just would like to know what is it I'm looking for? I understand HTML, but I know nada about javascript. Help?

[WallShadow]

You are looking for a way to get the password. If you don't know anything about JavaScript, go learn some > http://w3schools.com/js/default.asp

[Zephyrnix]

Hi everyone, I completed both missions 4 and 5 with the methods recommended, but neither one really worked how I planned on them to. I don't want to spoil how the mission works for other people, but when I did the JS injection or the modification for mission 4, it just displayed the password for the input on the screen.

I assumed that what you were supposed to do is make it so that the password is e-mailed to you instead of Sam, and I even checked with Alert to make sure I had put in my e-mail right, but no e-mail was sent at all, the password just got displayed.

Technically it worked to solve the problem and I guess it was actually more efficient, but I'd like to know what exactly I did to make that happen if that isn't what was supposed to happen. You know, so I can use injections and stuff better in the future. I know I discribed what I did poorly, but again I didn't want to type the exact command I used because that would spoil it for other people. If anyone can recognize what I'm talking about though I'd appreciate it if you could explain it to me.

[limdis]

Technically it worked to solve the problem and I guess it was actually more efficient, but I'd like to know what exactly I did to make that happen if that isn't what was supposed to happen. You know, so I can use injections and stuff better in the future.

The emails used to be sent via email. I still have a couple of them lol. However, allowing that hack to actually take place led to some security flaws for HTS. So protective measures had to be put in place to prevent that. But do know that the injection that you used would have in fact sent the password to your email.


For those that are wondering, the email used to simply be this:

From Sam@www.hackthissite.org 4/8/05
to me

Sam,
Here is the password: '******'

Removed the password obviously

[typecookie]

injection is fun
just be sure to sterilize

[b00g3rs]

I understand what I need to do to complete this mission but I cannot get js to work on my browser and am not sure why. I have scripting enabled on my computer and am running firefox. Please help me, and thank you.

[-Ninjex-]

I understand what I need to do to complete this mission but I cannot get js to work on my browser and am not sure why. I have scripting enabled on my computer and am running firefox. Please help me, and thank you.

Hmm, I made a post in some other topic regarding this issue as well.

Apparently, some browsers are by default disabling JavaScript injections via the URL bar if this is what you are speaking of, which by the looks of it you are (Correct me if I am wrong)
Try to do a Google search on how to resolve the issue or just do what I did.

Get the add-on > firebug for the browser.

Modify your JavaScript injection code into a button in HTML and carry out the task that way.

You may also, want to try this as well:

Go to the top left corner of Firefox > Edit > Preferences > Content > Enable JavaScript

Make sure it is ticked

Hope this helps and good luck!

[LoGiCaL__]

Tools -> Web developer -> Web Console, then apply the injection there like you would in the url.

Also check what edone said at the bottom of page 1:

http://www.hackthissite.org/forums/viewtopic.php?f=79&t=8872

[-Ninjex-]

Tools -> Web developer -> Web Console, then apply the injection there like you would in the url.

Also check what edone said at the bottom of page 1:

http://www.hackthissite.org/forums/viewtopic.php?f=79&t=8872

I can learn from you every day.
Thanks for that post.