haha01haha01 wrote:you need to use window instead of document.
but I still couldn't get it to work. Then I went to a tab I still left open (Do some Google searches for Freakwolfe; he was mentioned in another thread.) and tried something that seemed to jump out to say "THIS WILL WORK." Copy, paste, nothing. Edit a single thing,
It's beyond the scope of this mission to check the XSS. So, assume you got this cookie:[cookie data]
That brings me to the next bit: The code seems to need to be EXACT, but the URL is arbitrary; you're given the cookie on the "Private Message" page.
If you've gone through all of this thread's pages so far and still can't get it, good luck! It's an easy concept but extremely frustrating to figure out. I'd say more about it but I'm not entirely sure what constitutes a "spoiler" and I don't want to push it too far. If you need more, message me!