Basic Mission 5

Bad threads go here

Re: Basic Mission 5

Post by UbiquitousWolf on Wed Sep 24, 2008 4:54 pm
([msg=12471]see Re: Basic Mission 5[/msg])

New postby bbab84 on Wed Sep 24, 2008 11:46 am
I'm only one day into this and now I'm stuck on 5. This is where I stand...I used the JS Inj. from this site http://nexodyne.com/archive/index.php?t-14736.html and changed the email address. After I send the pw to Sam, I just get a message saying it was successful. After reading everyone's posts, it looks like all I really have to do is copy and paste the JS in my URL. The problem is, I don't know which line from the source goes in the URL bar. If I knew that, I could figure it out. To me, it sounds like there's more than one way to complete this one. It also says in the instructions that I can use Firefox, which I already use. I also have Firebug...will that help at all? Any info would be much obliged.


Just read through it and make sure you know whats going on. In your link it talks about void and alert use them both to your advantage. So say you modified a field then make an alert after it so you can see the change that you made. Try out the js injections in that page on that page and check out what they do. Do an alert first so you can see what the default fields are and then add the Authorized=yes field one and an alert after wards so you can see if you did it right.
I never think of the future - it comes soon enough.
UbiquitousWolf
New User
New User
 
Posts: 23
Joined: Sun Aug 24, 2008 2:15 pm
Blog: View Blog (0)


Re: Basic Mission 5

Post by bbab84 on Thu Sep 25, 2008 4:16 pm
([msg=12528]see Re: Basic Mission 5[/msg])

Something still isn't right. This is what I did:
<input type=alert(document.forms[0].to.value)><void(document.cookie="Authorized=yes")><alert(document.forms[0].to.value)>

This is what I got out of what you told me, but I don't think it's right since nothing has changed. I know I'm missing something, but what?
Experience is what you get when you don't get what you want.
bbab84
New User
New User
 
Posts: 3
Joined: Wed Sep 24, 2008 2:35 pm
Location: Wisconsin, US
Blog: View Blog (0)


Re: Basic Mission 5

Post by Zelth on Thu Sep 25, 2008 5:12 pm
([msg=12536]see Re: Basic Mission 5[/msg])

bbab84 wrote:Something still isn't right. This is what I did:
<input type=alert(document.forms[0].to.value)><void(document.cookie="Authorized=yes")><alert(document.forms[0].to.value)>

This is what I got out of what you told me, but I don't think it's right since nothing has changed. I know I'm missing something, but what?


I believe you're using the wrong JS injection. All you need is to change the email right? So look for the injection that changes the email.
Z~Epsilon
Newbie Programmer
Learned: HTML, XHTML, CSS
Learning: PHP, C++
Zelth
Poster
Poster
 
Posts: 149
Joined: Mon Sep 08, 2008 7:45 pm
Blog: View Blog (0)


Re: Basic Mission 5

Post by UbiquitousWolf on Thu Sep 25, 2008 6:56 pm
([msg=12544]see Re: Basic Mission 5[/msg])

New postby bbab84 on Thu Sep 25, 2008 1:16 pm
Something still isn't right. This is what I did:
<input type=alert(document.forms[0].to.value)><void(document.cookie="Authorized=yes")><alert(document.forms[0].to.value)>

This is what I got out of what you told me, but I don't think it's right since nothing has changed. I know I'm missing something, but what?


Ok lets take a look at what you did here

<input type=alert(document.forms[0].to.value)>

You made an alert box pop up with information from forms[0]

<void(document.cookie="Authorized=yes")>

You made a field "Authorized=yes" in the cookies which isn't really used in the first place you find that out with alert prior to adding the field

<alert(document.forms[0].to.value)>

You made the alert box pop up a second time but still nothing was changed because you did not modify this field to start off with

Alright so basically you didn't change the e-mail all you did was make an alert box pop up showing you the information in forms[0] and then you added the field "Authorized=yes" into your cookie which has nothing to do with the e-mail field. Just think about it carefully and learn the difference of what the functions do (void = modifies, adds fields while alert just shows you the information). Read through the JS Injection link one last time and read carefully it pretty much tells you how to accomplish this mission. GL getting it and if you need anymore help just PM me.
I never think of the future - it comes soon enough.
UbiquitousWolf
New User
New User
 
Posts: 23
Joined: Sun Aug 24, 2008 2:15 pm
Blog: View Blog (0)


Re: Basic Mission 5

Post by dopje on Fri Sep 26, 2008 10:15 am
([msg=12590]see Re: Basic Mission 5[/msg])

can someone help me I've been trying this mission already 2 days its driving me insane :| pls tell me what to change
dopje
New User
New User
 
Posts: 1
Joined: Thu Sep 25, 2008 2:52 pm
Blog: View Blog (0)


Re: Basic Mission 5

Post by Elligari on Fri Sep 26, 2008 1:01 pm
([msg=12594]see Re: Basic Mission 5[/msg])

dopje wrote:can someone help me I've been trying this mission already 2 days its driving me insane :| pls tell me what to change

No.

Look at the source, look for something like

Code: Select all
<input type="hidden" name="**" value="*@*.*">

Do you need to change that? If so, Which part?
The name is your friend, in this input. We would use this to acquire control over the field and its contents. Now, have you read up on Inline Javascript? And how you can change values with it?

Code: Select all
javascript:d******t.g***************e[*].v***e="*";


A little Googling and you can solve this in a minute or two.
»Those whos memories fade seek to carve them into their hearts«
»All dreams are but another reality, never forget«

Image
Elligari
New User
New User
 
Posts: 41
Joined: Thu Aug 21, 2008 1:32 pm
Location: /dev/null
Blog: View Blog (0)


Re: Basic Mission 5

Post by bbab84 on Fri Sep 26, 2008 9:01 pm
([msg=12608]see Re: Basic Mission 5[/msg])

UbiquitousWolf wrote:
New postby bbab84 on Thu Sep 25, 2008 1:16 pm
Something still isn't right. This is what I did:
<input type=alert(document.forms[0].to.value)><void(document.cookie="Authorized=yes")><alert(document.forms[0].to.value)>

This is what I got out of what you told me, but I don't think it's right since nothing has changed. I know I'm missing something, but what?


Ok lets take a look at what you did here

<input type=alert(document.forms[0].to.value)>

You made an alert box pop up with information from forms[0]

<void(document.cookie="Authorized=yes")>

You made a field "Authorized=yes" in the cookies which isn't really used in the first place you find that out with alert prior to adding the field

<alert(document.forms[0].to.value)>

You made the alert box pop up a second time but still nothing was changed because you did not modify this field to start off with

Alright so basically you didn't change the e-mail all you did was make an alert box pop up showing you the information in forms[0] and then you added the field "Authorized=yes" into your cookie which has nothing to do with the e-mail field. Just think about it carefully and learn the difference of what the functions do (void = modifies, adds fields while alert just shows you the information). Read through the JS Injection link one last time and read carefully it pretty much tells you how to accomplish this mission. GL getting it and if you need anymore help just PM me.



Okay, so I got rid of everything I modified and started over. Now I get a 'Referrer code error', which I had already fixed in the first place, but I can't remember how I did it. I'm getting really frustrated because I keep going through trial and error and keep f***ing it up even more. But even if I get the referrer right, I still can't get the pw, only that it's been sent 'successfully'- which is bullshit, by the way, because if it were successful, I'd fricken have it by now!!! If I see you online, I'll pm you. But I really want to do this on my own...You know, 'Teach a (wo)man to fish...' blah, blah, blah.
Experience is what you get when you don't get what you want.
bbab84
New User
New User
 
Posts: 3
Joined: Wed Sep 24, 2008 2:35 pm
Location: Wisconsin, US
Blog: View Blog (0)


Re: Basic Mission 5

Post by Wunjo on Fri Sep 26, 2008 11:17 pm
([msg=12614]see Re: Basic Mission 5[/msg])

I'm completely baffled. I tried some basic javascript injections in Firefox 3 beta 5 (running in Ubuntu Hardy), and it just doesn't seem to be supported. For now I'm just trying to get it to echo some on-screen alerts, stuff like:

javascript:alert('Hello');

and nothing, flat-out -nothing- happens when I hit enter. The browser just sits there. I've checked half a dozen times to make sure I have javascript enabled and working.

Konquerer is no better. It actually brings up an error box telling me "protocol not supported: javascript". Wha..!? Again, I know JS is enabled in the browser. Can anyone give me a clue what else to check? I have no idea where to go from here.
Wunjo
New User
New User
 
Posts: 1
Joined: Fri Sep 26, 2008 11:04 pm
Blog: View Blog (0)


Re: Basic Mission 5

Post by pitchaxistheorem on Sat Sep 27, 2008 10:38 am
([msg=12644]see Re: Basic Mission 5[/msg])

Hi everyone... I'm sure i did right with the Javascript injection... i get the feeling it's supposed to be like Mission 4 but i keep
getting errors regarding Referals which i do not understand at this time... I'm running a Firefox ver 3.1 and also tried Internet Explorer... And obviously Javascripts are checked, and i'm aware Java and Javascripts are different. please help me with this referal thingy. I'm sure i'm supposed to be given the password by now.

EDIT: it seems a lot of learners are having problems with this mission... Am i missing something? I really don't have any idea... This referal thing is pissing me off. the guy who posted a link about Javascripts helps a lot but i really can't get any password. I know i'm doing it right and i know Javascript Injection is NOT a URL...
pitchaxistheorem
New User
New User
 
Posts: 4
Joined: Wed Jun 18, 2008 11:11 am
Blog: View Blog (0)


Re: Basic Mission 5

Post by Tpunk10 on Sat Jan 10, 2009 3:05 pm
([msg=15870]see Re: Basic Mission 5[/msg])

Just download and use Firefox with the firebug add-on to figure it out its way more easier...
Tpunk10
New User
New User
 
Posts: 2
Joined: Wed Jan 07, 2009 7:33 pm
Blog: View Blog (0)


PreviousNext

Return to Graveyard

Who is online

Users browsing this forum: No registered users and 0 guests