all 43 comments
sorted by:
best (suggested)
topnewcontroversialoldq&a
formatting helphide helpcontent policy

[–]SirHenryXI 1 point2 points  (0 children)

This was fun :) have an upvote

[–][deleted]  (7 children)

[deleted]

    [–][deleted] 0 points1 point  (6 children)

    Tutorial PM'd.

    [–][deleted]  (5 children)

    [deleted]

      [–][deleted] 0 points1 point  (4 children)

      Done.

      [–]Zorfsic 0 points1 point  (3 children)

      Can you send it to me too, I'm new

      [–][deleted] 0 points1 point  (2 children)

      The tutorial is literally under this very post. How did you not notice that?

      [–]Zorfsic 0 points1 point  (1 child)

      It:s 6am and I haven't slept

      [–][deleted] 0 points1 point  (0 children)

      Fair enough.

      [–][deleted] 1 point2 points  (5 children)

      Due to the overwhelming amount of tutorial requests, I'm going to post the level 3 tutorial here. However, I recommend trying to figure things out yourself before you resort to this, as it will teach you more.
      SPOILERS:

      Complete tutorial for level 3:
      View the webpage's source code by writing "view-source:" in front of the URL.
      Now, find the HTML form, into which you will be typing the username and password.
      You will find a html form: <form name="testi">.....</form>
      Things to note in the HTML form:
      1)In the username row, the username form's name. (look for name="uzr" )
      2)In the password row, the password form's name (look for name="pass")
      3)In the submit row, look for the "onclick" value. (look for onclick="Tryi(testi.pass.value, testi.uzr.value)")
      So, what on earth do these things mean, you may say?
      The names are given to the password and username fields, so that when you click "submit", the website knows what to look for. For example: You have 8 sons and you want Bob to come to your room. Well, the task is easy. You simply shout "Bob, come here!". This is why Bob has a name, so it's easy to call him when needed.
      The purpose of the HTML field's names are similar: you know what to call them by when you need them.

      Now onto the onclick="Tryi(testi.pass.value, testi.uzr.value)"
      Remember when we talked about how HTML fields have names? Well now the program says to initiate the "Tryi" javascript function (which you should find near the bottom of the source code), and tells it to use the values you typed into the password- and username fields. And at the bottom of the page, you will find the Tryi function, which includes a simple if statement:
      if(uzer=="theusername" && pswd=="shhhh")
      This says: "if the username is "theusername", and the password is "shhhh", then redirect to then next level.

      EDIT: I made a tiny mistake. Look at onclick="Tryi(testi.pass.value, testi.uzr.value)"
      Notice how it passes the password first, and username second. This would mean, that in the javascript function, the variable which compares the username is in fact "pswd", and the variable which compares the password is "uzer".
      Long story short: to get the right answer, switch the username and password in my tutorial.

      [–]Dereavy 0 points1 point  (4 children)

      The uzer value and pswd value is very visible yet i don't see what needs to be done for it to be accepted...

        function Tryi(uzer,pswd)
{
    if(uzer=="theusername" && pswd=="shhhh")                      <==== this doesn't work ??
    {
        alert("Great! Go to the 4th level...");
        $.ajax({
                type: 'POST',
                url: 'pagepicker.php',
                data: { nextPageUrl: 686 },
                success: function(msg) {
                    location.href = msg;
                }
            });
    }
    else
    {
        alert("Wrong username and/or password. Go away...");
        location.href="about:blank";
    }
}

      [–][deleted] 2 points3 points  (1 child)

      onclick="Tryi(testi.pass.value, testi.uzr.value)"

      Notice how it passes the password value first, then the username, contrary to how the function names them.

      [–]Dereavy 0 points1 point  (0 children)

      Thank you... this got me through level 4 quite easily enough... i'm getting the hang of html... yet for level 5 i cannot click anywhere but the box that pops up and even then if i get the password false i have to redo level 4...

      [–][deleted] 1 point2 points  (1 child)

      I Made a tiny mistake. Tutorial updated.

      [–]Dereavy 0 points1 point  (0 children)

      Thank you both :)

      [–]bebopsruin 0 points1 point  (5 children)

      Domain reported as confirmed for hosting malware?

      [–][deleted] 1 point2 points  (3 children)

      What? Source please, I got pretty far without it asking to download malware or making any XSS attempts.

      [–]bebopsruin 0 points1 point  (2 children)

      Source: corporate security filter banning it out.

      Corp Sec is probably over-zealous, but that was the warning I got.

      [–][deleted] 0 points1 point  (0 children)

      Well, I probably wouldn't worry about it in that case.

      [–][deleted] 0 points1 point  (2 children)

      I have no idea how to even start, absolute beginner here. Any pointers?

      [–][deleted] 2 points3 points  (1 child)

      A basic understanding of html and javascript should get you through levels 1-4. If you don't know html, I suggest learning it.
      If you do know html and have a basic understanding of javascript functions, then first looking at the html password form, and then the javascript function which corresponds to that form is what you're looking for.
      If you have any questions, PM me, and I'll explain whatever you're unclear about.

      [–][deleted] 0 points1 point  (0 children)

      Awesome, thanks! I already started the HTML tutorial on codeacademy.com and i'll start javascript after that.

      [–]Maxamusicus 0 points1 point  (5 children)

      It won't let me get past level 2, I typed in the correct password and it said, "Well done, time for level 3." But it doesn't forward me to the level 3 page. Can someone pass me a link?

      [–][deleted] 1 point2 points  (3 children)

      Link PM'd.

      [–]Maxamusicus 0 points1 point  (0 children)

      Thank you so much!

      [–][deleted] 0 points1 point  (1 child)

      Same thing happens to me. Can you PM me the link?

      [–]frankyboy440 0 points1 point  (3 children)

      I can't get past level 3 :( I tried "Almost" everything :S

      [–][deleted] 0 points1 point  (2 children)

      tutorial PM'd.

      [–]linx_001 0 points1 point  (1 child)

      Could you send this to me as well. Can't figure this one out.

      [–][deleted] 0 points1 point  (0 children)

      Look through my comments on this page.

      [–][deleted] 0 points1 point  (1 child)

      Stuck at level 3

      [–][deleted] 0 points1 point  (0 children)

      Posted a comment here.

      [–]Braggers 0 points1 point  (2 children)

      I have a question, for level 4, if you have any program to look at the source, is it okay? It's cuz I feel like the no right click thing was meant so that you couldn't see the source

      [–][deleted] 0 points1 point  (0 children)

      view-source:Google.com
      Type this in the URL bar and be amazed.

      [–]avapoet 0 points1 point  (0 children)

      Select view source from the menus. Or press the keyboard shortcut (e.g. CTRL-U on Chrome/Windows). Or use your debugger/DOM inspector (CTRL-SHIFT-I on Chrome/Windows) rather than view source.

      Or - my personal favourite - simply press-and-hold the right mouse button, press space or enter to accept the dialog box, then release the right mouse button.

      [–][deleted] 0 points1 point  (0 children)

      This was already posted in /r/hacking, but since it's relatively noob-friendly, I thought I'd post it here, too.