Thursday, 19 September 2013

Hack This Site: Basic Mission 10

Click here: LEVEL 10
I remind you that I write SPOILERS here!
I RECOMMEND beating the level on your own, also using Google to study the theory behind the topics.

 "This time Sam used a more temporary and "hidden" approach to authenticating users, but he didn't think about whether or not those users knew their way around javascript..."

So...
Let's look at the cookies. To do this, we use the Firebug add-on or the Live HTTP Headers add-on:
Live HTTP Headers: click the Live HTTP Headers icon and a window opens. If it already shows entries from other sites, clear them all. Then, in the password form of Level 10, type a random password and click "submit". Go back to Live HTTP Headers: it now shows some entries. We note the following string:



Firebug: open Firebug and click the "Cookie" tab; we see the same strings.
This means that Sam is using a cookie-based authentication method this time.
Now we must change the value of the cookie called "level10_authorized" to "yes". To do this, we can use raw JavaScript or a Firefox add-on such as Tamper Data, Firebug, etc.
We use JavaScript: while on the 10th mission web page, enter this JavaScript code in the address bar:

javascript:function a(){document.cookie="level10_authorized=yes";}a();
or
javascript:alert(document.cookie="level10_authorized=yes");

Then click the submit button.
Note: if the JavaScript code doesn't run from your browser's address bar, it means that your browser is not set up to run JavaScript code from the URL. If you don't know how to enable it, use Internet Explorer, because it runs JavaScript code from the URL!
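
Why this works, and what a server-side fix looks like, as an added Node.js example (not the mission's code and not part of the original walkthrough): the weak check trusts a cookie value the browser can rewrite, while the hardened check only accepts a value carrying an HMAC tag the server issued. The cookie name comes from the post; `SECRET`, the session ids and all function names are assumptions.

```javascript
// Added example, not the mission's code. The cookie name comes from the post;
// SECRET, the session ids and all function names are hypothetical.
const { createHmac, timingSafeEqual } = require('crypto');

const SECRET = 'constructed-demo-key'; // assumption: kept on the server only

// Parse a Cookie request header into a name -> value map.
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// Weak check, as in the mission: trusts a value the browser can rewrite.
function weakIsAuthorized(cookieHeader) {
  return parseCookies(cookieHeader).level10_authorized === 'yes';
}

// Hardened: after the password check succeeds, the server issues
// "<sessionId>.<tag>" with tag = HMAC-SHA256(SECRET, sessionId).
function sign(value) {
  return createHmac('sha256', SECRET).update(value).digest('hex');
}

function issueCookie(sessionId) {
  return `level10_authorized=${sessionId}.${sign(sessionId)}`;
}

function strongIsAuthorized(cookieHeader) {
  const raw = parseCookies(cookieHeader).level10_authorized || '';
  const dot = raw.lastIndexOf('.');
  if (dot < 1) return false; // no tag at all, e.g. a plain "yes"
  const expected = Buffer.from(sign(raw.slice(0, dot)));
  const given = Buffer.from(raw.slice(dot + 1));
  // timingSafeEqual throws on unequal lengths, so compare lengths first.
  return given.length === expected.length && timingSafeEqual(given, expected);
}

// Constructed sample inputs.
const forged = 'level10_authorized=yes';   // what the walkthrough sets by hand
const issued = issueCookie('sess-1234');   // what the server would hand out
console.log(weakIsAuthorized(forged), strongIsAuthorized(forged), strongIsAuthorized(issued));
```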

===============> HTS: Basic Mission 11
