Follow us on Twitter!
Never in the field of human conflict was so much owed by so many to so few. - Winston Churchill
Friday, August 28, 2015
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 21
Guests Online: 18
TeamSpeak Online : 5 Members Online: 3

Registered Members: 89819
Newest Member: southpaw
Latest Articles
View Thread

HellBound Hackers | Challenges | Javascript

Author

JS 4

Numlock91
Member



Posts: 4
Location:
Joined: 07.08.13
Rank:
Mad User
Posted on 11-08-13 20:47
I'be used firebug to change the get i then made the button to display the cookie. I'm not sure if i'm displaying the correct cookie could someone point me in the right direction..?
Author

RE: JS 4

rex_mundi
☆ Lucifer ☆



Posts: 1922
Location: Scotland
Joined: 20.02.08
Rank:
God
Posted on 11-08-13 21:27
You don't need to use firebug or anything else, GET variables are displayed in the browser's address bar.

You're not looking for a specific cookie either, just a generic alert will do.
U N ⓡⓔⓧ_ⓜⓤⓝⓓⓘ
Author

RE: JS 4

appas
Member

Your avatar

Posts: 4
Location:
Joined: 19.04.15
Rank:
Moderate
Posted on 29-04-15 22:30
I don't understand. I can view cookies with Developer Tools (Vivaldi browser), but what am I supposed to do with the cookie and the button? What do you mean by "a basic alert"?
Author

RE: JS 4

MrCyph3r
Member



Posts: 770
Location:
Joined: 09.08.14
Rank:
God
Posted on 29-04-15 22:59
The button is used to send a GET request (named 'submit') to index.php.
A basic alert is something like this:

Code
<script>alert('Hello World');</script>




You need to take advantage of this to make it alert the hidden cookie.
Author

RE: JS 4

appas
Member

Your avatar

Posts: 4
Location:
Joined: 19.04.15
Rank:
Moderate
Posted on 30-04-15 15:37
Ok, I think I'm on the right path but not quite there. How am I supposed to use the GET parameter?
If I write .......Spoiler removed......... in the Javascript console, I just get an empty alert box. In Developer Tools, I can see the site cookie (with fields beginning fusion_ and a PHP session ID). But I think there is another cookie (the "hidden cookie"Wink

Edited by rex_mundi on 30-04-15 22:32
Author

RE: JS 4

rex_mundi
☆ Lucifer ☆



Posts: 1922
Location: Scotland
Joined: 20.02.08
Rank:
God
Posted on 30-04-15 22:34
The way you exploit the GET is thought the url, don't use firefox or anything else, type in in the address bar.
U N ⓡⓔⓧ_ⓜⓤⓝⓓⓘ
Author

RE: JS 4

Huitzilopochtli
Member



Posts: 1313
Location:
Joined: 19.02.13
Rank:
God
Warn Level: 1
Posted on 01-05-15 01:07
What you used in the consol would normally be accepted, but this challenge is hardcoded to only accept the answer via the url, and was made long before you needed to use add ons for the js.