Elec0 Expert Cheater
Reputation: 0
Joined: 21 Nov 2007 Posts: 188 Location: Out of my mind, back in five minutes.
Posted: Wed Mar 19, 2008 2:55 pm Post subject: [Javascript]Javascript Injection
Okay, I am learning different things about hacking, using HackThisSite.org. And one of the things is Javascript Injection. Personally, I found this really fun and it piqued my interest in JavaScript.
Okay, here goes.
Javascript Injection
Okay, for this you might want to sign up with HackThisSite.org just to have something to practice on.
This tutorial will cover the Basic 4 and 5 challenges in HTS.
Okay, if you want to inject JS code into a website, (let's just use CE for easy access) you type your JS code into the URL bar.
Let's do a simple alert message.
| Code: |
Javascript:alert("Hello World!!");
|
Type that in and you will get a message box saying Hello World!!. You can also have two commands on the same line, like this:
| Code: |
Javascript:alert("Hello"); alert("World!!");
|
That would display two alert boxes, one saying Hello and one saying World!!.
Cookie Editing
Okay, here is another use that you can do with JS, one of the ones that you will use a lot if you use JS injection. It's called cookie editing. You can display the cookies like this:
| Code: |
Javascript:alert(document.cookie);
|
That would display all the cookies on the page you are on. Try it now on this page, what do you get? A whole bunch of random letters? That is the PHPSESSID, otherwise known as a PHP session id.
Now, if you want to set a cookie or add a new value to a cookie, you would do it like this:
| Code: |
Javascript:void(document.cookie="Cookie = Value")
|
So, let's say that we want to make a new cookie for this page, let's call it Authorized and set the value to yes.
You would do it like this:
| Code: |
Javascript:void(document.cookie="Authorized = yes")
|
Okay, this makes sense, you say. But what does this have to do with HTS?
Well, for the basic mission #4 you have to change the email address that it sends the password to, (it won't actually send anything to you, though.)
To do that you have to change the value of that particular variable.
If you look at the source code of that part in the page, you get this:
| Code: |
<form action="/missions/basic/4/level4.php" method="post">
<input type="hidden" name="to" value="[email protected]"><input type="submit" value="Send password to Sam"></form></center><br /><br /><center><b>Password:</b><br />
<form action="/missions/basic/4/index.php" method="post">
<input type="password" name="password"><br /><br />
<input type="submit" value="submit"></form>
|
Now, when someone is using a form, the forms in the page are numbered, the first form being forms[0].
To see what the form has in it, go to the page and type this in:
| Code: |
Javascript:alert(document.forms[0].to.value);
|
It will give you [email protected] or something.
Now, if you want to change a form with JS, you would use the void command again, like this:
That changes the value from [email protected] to whatever you put in there.
If you are a Javascript guru, you can see that you can do a lot using JS injection.
URL Javascript Programs
Okay, I got bored and decided to write a one line program using Javascript, here is what I got:
| Code: |
javascript:c=window.open('','','width=200,height=100'); c.document.writeln('<html><head><script type="text/javascript">function OpenBox() { alert("Cookies: " + document.cookie); } </script></head><body><center> <br><input type="button" name="Something" onclick="OpenBox()" value="View Cookies"><br><br>Help: Just click the button. </center></body></html>');
|
Long, isn't it? Well, if you copy and paste that into the URL bar here, and hit enter, it will give you a new window with a button and when you click the button, it will show you the cookies. Try it now.
But notice this part:
| Code: |
c=window.open('','','width=200,height=100')
|
That names the window c.
Now, for when I am writing to the window, you have to use a code like this:
| Code: |
c.document.writeln('BlahBlah.');
|
That would write BlahBlah to the window.
Get it?
Try writing your own single line program, then post it here, show us what you can do!
~Elec0
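Added example, not part of the original post: the hidden "to" field and the "Authorized" cookie shown above are both editable in the browser, so the sketch below puts a server handler that trusts them next to one that reads authorization from a server-side session and the recipient from server config. All function names, the SID cookie, and the addresses are hypothetical and constructed for illustration.

```javascript
// Added example (not from the original post). All names are hypothetical.
const { randomBytes } = require('node:crypto');

const RESET_RECIPIENT = 'admin@example.test'; // constructed; lives only on the server
const sessions = new Map();                   // session id -> { user, authorized }

// Parse a Cookie header into an object; the browser user controls every value in it.
function parseCookies(header) {
  const out = {};
  for (const part of (header || '').split(';')) {
    const i = part.indexOf('=');
    if (i > 0) out[part.slice(0, i).trim()] = part.slice(i + 1).trim();
  }
  return out;
}

// The server decides who is authorized and hands back only an unguessable id.
function createSession(user, authorized) {
  const id = randomBytes(16).toString('hex');
  sessions.set(id, { user, authorized });
  return id;
}

// Weak: trusts the hidden "to" field and an "Authorized" cookie.
function handleResetWeak(req) {
  const cookies = parseCookies(req.cookieHeader);
  if (cookies.Authorized !== 'yes') return { status: 403 };
  return { status: 200, mailTo: req.body.to };
}

// Hardened: authorization comes from the session store, recipient from config.
function handleResetHardened(req) {
  const session = sessions.get(parseCookies(req.cookieHeader).SID);
  if (!session || !session.authorized) return { status: 403 };
  return { status: 200, mailTo: RESET_RECIPIENT };
}

// Constructed request: the "to" field and the cookie were both edited in the browser.
const tampered = {
  cookieHeader: 'Authorized = yes; SID=not-a-real-session',
  body: { to: 'someone-else@example.test' },
};
console.log(handleResetWeak(tampered));     // { status: 200, mailTo: 'someone-else@example.test' }
console.log(handleResetHardened(tampered)); // { status: 403 }
```

The hardened handler never reads `req.body.to` or the `Authorized` cookie, so editing either one in the browser has no effect on the result.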