JavaScript Injection

Thursday, February 11, 2010 by BBTUNA
As with any self respecting beginners tutorial i'm gonna show you how to make your browser say 'hello world'. To do this you first need to empty the url bar of the browser completely, then type in the following code:
javascript:alert('Hello World');
This uses the function alert which as you should now know brings up an alert box.

Now onto something a bit more useful. Most websites you visit now will save a cookie on your computer, to see this you can use the following js:
javascript:alert(document.cookie);
You can also use the void function to add or change a variable. For my example i'm going to add a field called 'admin' and have its value set to 'true'. Here's how to do it:
javascript:void(document.cookie="Admin=True");
To see what effect this had use the following js again:
javascript:alert(document.cookie);
Alternatively you can concatenate the two commands (or for that matter any number of commands), in the following way:
javascript:void(document.cookie="Admin=True");javascript:alert(document.cookie);
Don't forget the ';' at the end of each command!

Now to fiddle with the http://elitehackers.info/forums forms/ >:) . If you right click and look at the source code for the page the first form you will see should be this:










All the forms are stored in any array called 'forms' so the first form will be 'forms[0]' and the second 'forms[1]' etc. We are going to be changing the value of the 'showposts' field.
First lets bring it up in an alert box so we can see what it's currently set as:
javascript:alert(document.forms[0].showposts.value);
This should popup an alert box shiwng the current value of 'showposts' which is '0'. To change this to '1' we will use the void function again:
javascript:void(document.forms[0].showposts.value="1");javascript:alert(document.forms[0].showposts.value);
Obviously this isn't very useful but used in other situations can come in handy. That's all folks!
Posted in | 0 Comments »

0 comments:

Post a Comment

About Me

Blog Archive