admin管理员组文章数量:1240567
Just above the answer box an error would appear on wrong attempt which says "Incorrect Answer". Additionally we have unlimited number of attempts.
Above is the website preview with detailed information.
Code:
<form id="level" method="post">
<label for="answer">Answer:</label>
<input type="text" name="answer" id="answer" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
So simply here we get to know that the form does not have action source. The only way (which I know) is to hack through javascript. Like the one used to spam Facebook and Orkut, where we have to put in the javascript in URI, address bar.
I have built a javascript (for the address bar) to link to the other javascript files.
And if someone know some online javascript brute force script or something online that could be linked through javascript.
Just above the answer box an error would appear on wrong attempt which says "Incorrect Answer". Additionally we have unlimited number of attempts.
Above is the website preview with detailed information.
Code:
<form id="level" method="post">
<label for="answer">Answer:</label>
<input type="text" name="answer" id="answer" />
<input type="submit" name="submit" id="submit" value="Submit" />
</form>
So simply here we get to know that the form does not have action source. The only way (which I know) is to hack through javascript. Like the one used to spam Facebook and Orkut, where we have to put in the javascript in URI, address bar.
I have built a javascript (for the address bar) to link to the other javascript files.
And if someone know some online javascript brute force script or something online that could be linked through javascript.
Share Improve this question edited Jan 7, 2021 at 20:02 inetphantom 2,5944 gold badges41 silver badges65 bronze badges asked Jul 16, 2011 at 5:19 SurajSuraj 9306 gold badges23 silver badges44 bronze badges3 Answers
Reset to default 9As much as I hate to tell people how to do this sort of thing, it's an interesting problem.
I should say first, however, that a brute force solution will likely take too long to be practical. If the solution is 8 characters long, and we try 1 million possibilities per second (a very optimistic assumption), it would take about 5 years to try out all of the possibilities.
Nevertheless, here is some Javascript code that you should be able to modify to fit your needs:
var chars = ["a","b","c","d","e","f","g","h","i","j,","k","l","m","n","o","p","q","r","s","t","u","v","w","x","y","z"," "];
while(document.getElementById("answerResult").innerHtml != "Correct Answer"){
var len = Math.floor(Math.random() * 20);
var str = "";
while(str.length < len){
str += chars[Math.floor(Math.random() * chars.length)];
}
document.getElementId("answer").value = str;
document.getElementById("level").submit();
}
This solution does not actually use brute force. It implements a method similar to bogosort. While more fun and simple, it may take a bit longer to finish. If you're an incredibly lucky person, it might be solved on the first iteration.
You need to find the script it's connecting to. Use this http://blog.getfirebug./2009/10/30/event-listener-view-for-firebug/ to see what event listeners are associated with the button. You might also need to download a javascript deobfuscator plugin for firefox https://addons.mozilla/en-US/firefox/addon/javascript-deobfuscator/
static String seqToken(long value) {
String[] digitsAlpabets = { "a", "b", "c", "d", "e", "f", "g", "h",
"i", "j", "k", "l", "m", "n", "o", "p", "q", "r", "s", "t",
"u", "v", "w", "x", "y", "z", "0", "1", "2", "3", "4", "5",
"6", "7", "8", "9" };
int codePoint = (int) (--value % 36);
long higher = value / 36;
String letter = digitsAlpabets[codePoint];
return higher == 0 ? letter : seqToken(higher).concat(letter);
}
change the character set as you like and use the size accordingly To get the sequence generator.
本文标签: webformsJavaScript brute force into web formStack Overflow
版权声明:本文标题:webforms - JavaScript brute force into web form - Stack Overflow 内容由网友自发贡献,该文观点仅代表作者本人, 转载请联系作者并注明出处:http://www.betaflare.com/web/1740083238a2223603.html, 本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌抄袭侵权/违法违规的内容,一经查实,本站将立刻删除。
发表评论