Follow us on Twitter!
Your life is ending one minute at a time. If you were to die tomorrow, what would you do today?
Wednesday, April 23, 2014
Navigation
Home
HellBoundHackers Main:
HellBoundHackers Find:
HellBoundHackers Information:
Learn
Communicate
Submit
Shop
Challenges
HellBoundHackers Exploit:
HellBoundHackers Programming:
HellBoundHackers Think:
HellBoundHackers Track:
HellBoundHackers Patch:
HellBoundHackers Other:
HellBoundHackers Need Help?
Other
Members Online
Total Online: 23
Guests Online: 20
Members Online: 3

Registered Members: 82886
Newest Member: The Slummy
Latest Articles
View Thread

HellBound Hackers | Challenges | Javascript

Author

JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-10-05 00:40
Ive read all the articles on XSS and i understand completely (i think) i just have no clue of what code im ment to use i know nothing of xss


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-10-05 19:21
Since it's a JavaScript challenge, you have to use that code. The code you use to view a cookie. You just have to implement it in the same way you would put the code in HTML. If you don't know, <url>http://www.w3schools.com/js/default.asp</url> has everything you need in there. Providing you know a tiny amount of XSS that is.

I can't beleive how amazing w3shools is when you start off.


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 12-10-05 20:54
I'm sure you know the code; it's just simple Javscript to alert the cookie. Your problem most likely lies in crafting.

If you're read up on XSS attacks, you'd know the most of it is linking through crafted URLS. Now, the "submit=Use+This" field is what you'll be crafting your "XSS" attack from. You need to manipulate this into alerting the cookie.
Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-10-05 09:44
I know some XSS too, but I really don't know how to insert my 'code' in there... Whatever I do, it gives me a blank page.

any help? Pfft


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-10-05 20:03
okay if you view the sources of pages you notice that the javascript in the html source is represented like so <script>and ends with </script> .

that means you dont need to type javascript out and it means it can be added to the end of the url. (hence wat an XSS is)
Spoiler*
So it should start out with <script> then just use a code you normally use to view a cookie and close it</script>*


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 13-10-05 20:45
I tried that... But whatever I do, I get a blank page... Probably the host, blocking out XSS attacks... Sad


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 14-10-05 00:09
pm me wat you tried and ill tell you


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 15-10-05 21:27
i tried a script on the end but i dont know weather its right or not pm me for the acript if you have completed the challenge and want to see what i have


Author

RE: JS4 dum dum duuum


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 16-10-05 02:41
Just PM me, I'll sort it.

Edited by on 16-10-05 02:44