BASIC 7- OMFG

I can't seem to do the javascript injection part.

1. I put javascript:void(docu<i></i>ment.cookie="********={binary}")
2. I check if the binary is right.
3. Type sam in the user box and press "Login" After that it always says I am not authenticated. WTF?

You sort of have the right idea, but you're doing things in the wrong way. Read the description again and try other things out. I'm afraid if I give any more information I'll be spoiling the challenge.

You don't have to do it that way :) You can somehow make the password 'show' itself by manipulating the Javascript. :happy:

Wuls wrote: You don't have to do it that way :) You can somehow make the password 'show' itself by manipulating the Javascript. :happy:If you're talking about the username, there's no need to change the code it as it is already given as part of the challenge.

Omg.. lol forget what I said - I thought he meant JS7.. sorry.

javascript:void(docu<i></i>ment.cookie="********={binary}") That should be working for you… Im guessing its your binary that is wrong or you are just typing the injection in the wrong place. Heres a useful firefox extension for dealing with cookies in the future: Add N Edit Cookies

this is funny because me and slim whent threw this challenge the other day and we where talking about it before if you havent gotten it yet then keep it up your close.

I've been trying this challenge for months. I don't know how I could be close.:angry:

I am having a bit of trouble with this… I think I have the javascript code and i have the user name/pass, 'decrypted'… but im not sure where im supposed to enter my java code? do i just use the ****** editor to change the value from eg 'sam' to my java code? or do i just change that value to the 'decrypted' string/num vals? any help in the right direction would be helpful (and yes i know that once, the code is modified and saved i have to refresh) plz remove any of this if its a spoiler.

feel free to PM me if you need help ;)

hmmm, a mistake i amde wich kept me on realistic 1 for ages was copying and pasting the injection from an article but changin what needs changing, amke sure youv removed the "<i></i>" from the document part?

just a suggestion;)

lol, well thats not the problem, the problem is im not sure where i inject it. where my code actually goes

Edit- im starting to get it, i finally found some good info, any info would be appreciated still though

got it :P

got it :P

edit - sry for double post

ahah, it's soooo easy…think less than what y're thinking and you'll get the anwser:D