JS4 dum dum duuum

Ive read all the articles on XSS and i understand completely (i think) i just have no clue of what code im ment to use i know nothing of xss

Since it's a JavaScript challenge, you have to use that code. The code you use to view a cookie. You just have to implement it in the same way you would put the code in HTML. If you don't know, <url>http://www.w3schools.com/js/default.asp</url> has everything you need in there. Providing you know a tiny amount of XSS that is.

I can't beleive how amazing w3shools is when you start off.

I'm sure you know the code; it's just simple Javscript to alert the cookie. Your problem most likely lies in crafting.

If you're read up on XSS attacks, you'd know the most of it is linking through crafted URLS. Now, the "submit=Use+This" field is what you'll be crafting your "XSS" attack from. You need to manipulate this into alerting the cookie.

I know some XSS too, but I really don't know how to insert my 'code' in there… Whatever I do, it gives me a blank page.

any help? :P

okay if you view the sources of pages you notice that the javascript in the html source is represented like so <script>and ends with </script> .

that means you dont need to type javascript out and it means it can be added to the end of the url. (hence wat an XSS is) Spoiler* So it should start out with <script> then just use a code you normally use to view a cookie and close it</script>*

I tried that… But whatever I do, I get a blank page… Probably the host, blocking out XSS attacks… :(

pm me wat you tried and ill tell you

i tried a script on the end but i dont know weather its right or not pm me for the acript if you have completed the challenge and want to see what i have

Just PM me, I'll sort it.