Welcome to HBH! If you have tried to register and didn't get a verification email, please using the following link to resend the verification email.

Realistic 1 for Dummys


Realistic 1 for Dummys

By ghostghost | 14145 Reads |
0     0

Hey HBH!

Thanks for taking a look and I'm glad to help! Ok, so this is free writing so please forgive me if their is a grammer mistake or anything!

Ok, so you know you log onto as john doe with password as the password. So first thing is first is to find the secret file. So CHANGE THE DIRECTORY! Find it yet? gooood. So to do a javascript injection is really easy. So you know what you need to inject? One thing and one thing only. AuthID.. What does this look like? javascript:void(document.cookie="AuthID=AuthID_Here"); So to do this go to toys.php and inject the AuthID than hit refresh and change the price to $1

Congrads! You just finished Realistic 1! Happy hacking!

SwiftNomad

IF YOU USED THIS PLEASE RATE MY ARTICAL!

Comments
ghost's avatar
ghost 16 years ago

You inject the javascript in the URL-bar xD

ghost's avatar
ghost 16 years ago

hmm… either it's something wrong with my computer or its something wrong with me but it doesnt work for the js-injection:(

starofale's avatar
starofale 15 years ago

the injection wasn't working for me at first

in the end i just copied and pasted the AuthId and the number and it worked

i think i was just typing it wrong :angry:

D4rk Ang3el's avatar
D4rk Ang3el 15 years ago

very nice article guy thx

D4rk Ang3el's avatar
D4rk Ang3el 15 years ago

very nice article guy thx

yureon's avatar
yureon 13 years ago

*kept putting alert(yada…) instead of void…

tweezer's avatar
tweezer 13 years ago

So cracking the administrator password was unnecessary :(

QuicK2800's avatar
QuicK2800 11 years ago

How did you find toys.php?

achas's avatar
achas 8 years ago

Does trick still works as at June 2016? Well, after injecting AuthID in the toy.php then refreshing,you are still left in the same page,cannot be edited