:[ Forums ]:
Topic: Bonus Challenge 2...injection!
| Author: | Message: |
| devolution Offline Forum Rank: n00b  Posts: 2 Thanks: 0 Standard User  | Hi people,
I have completed bonus challenge 2 by downloading the webpage. However, I want to do it with a javascript injection. Here what happens: I crack the code. I inject javascript to change the password box value to 'hello'. I SEE that the value has physically changed. I press submit... THE PAGE RELOADS! Why doesn't that work? Do I need to do a javascript injection to change the forms action? I know I have done the challenge and should move on but I need to know why this doesn't work! Thanks in advance! |
| #1 Back To Top | |
| BuRNeD Offline Forum Rank: Active User  Posts: 112 Thanks: 14 Moderator | That's because you haven't adjusted where the action will be posted, by default on the same page. But you don't want to send this to the page you saved on your disk, but rather to the site's page. So you'll have to change the "action" in the form and instead of nothing put the link of the real page using "http://www.example.com"
 |
| #2 Back To Top | |
| dokyriak Offline Forum Rank: n00b  Posts: 7 Thanks: 0 Standard User | I wasn`t able to do it downloading the page so I made it at last using javascript injection.
  D O K Y R I A K
 |
| #3 Back To Top | |
| Xssed Offline Forum Rank: n00b Posts: 2 Thanks: 0 Standard User | all hail firebug..
|
| #4 Back To Top |
Locked.
Online (last 15 mins): metallover
