Need help on basic 7 - May have spoilers

Howdy. Ive been trying to get past this all day. I converted "sam" to binary and put javascript:alert(document.cookie="username=******** ******** ") and it says username= ******** ******** after that I put sam in the login box and hit enter but it says I'm not authenicated. Am I doing the java script wrong? I have also tried javascript:void(document.cookie="username=******** ******** ********";); but still nothing worked. Please help.

Hey I did this challange the other day try downloading a cookie editor for firefox.. hope this helps

firstly, you must download a cookie editor (extension for firefox) or use a js injection for alert the cookies, but i think that the cookie editor is better… also try to read some articles they help you a lot! hope that helps ;)

Actually, it'd be more useful if you did: javascript:document.write(document.cookie); Then, copy & paste that into any text editor of your choice. That way you don't have to keep alerting the cookies to make sure you got capitlization/spelling/etc. right. It's also easier to see ALL of the cookies.

Secondly, i don't think you use spaces after your conversion.

ZZUBZIZ575 wrote: Howdy. Ive been trying to get past this all day. I converted "sam" to binary and put javascript:alert(document.cookie="username=******** ******** ") and it says username= ******** ******** after that I put sam in the login box and hit enter but it says I'm not authenicated. Am I doing the java script wrong? I have also tried javascript:void(document.cookie="username=******** ******** ********";); but still nothing worked. Please help.

For one, you're trying to write a new cookie with the alert function………..can't do that.

slpctrl wrote: [quote]ZZUBZIZ575 wrote: Howdy. Ive been trying to get past this all day. I converted "sam" to binary and put javascript:alert(document.cookie="username=******** ******** ") and it says username= ******** ******** after that I put sam in the login box and hit enter but it says I'm not authenicated. Am I doing the java script wrong? I have also tried javascript:void(document.cookie="username=******** ******** ********";); but still nothing worked. Please help.

For one, you're trying to write a new cookie with the alert function………..can't do that.[/quote]

Rofl, i didn't even notice that, but he said:

I have also tried javascript:void(document.cookie="username=******** ******** ********";); Which, now that i look at it, is there a reason you put that semicolon before the )?

it's better to not use a cookie editor so you don't get used to having tools doing the work for you without you understanding what's going on, use the injection for the challenge, and then after you complete it try the cookie editor. end3r

i happened to pick the worst firefox cookie editor available :@ , and that didn't work for the challenge. do a good ol' js injection by making/changing the cookie to be what you want it to be.you may want to alert yourself to the cookie name you want first though. also, the ASCII encryption sam part doesn't have spaces.