Posted by intrik on April 26, 2007
However, with this technique someone can alter almost everything in a page.For example an image.Lets suppose that there is an image
with the site’s logo.By viewing the source of the page (This can be done by going to View-Source) we find this piece of HTML code:
So there is an image named “hi” and the source of it is “hello.gif”.We want to change this to bye.jpeg that is stored on our site http://www.mysite.com
So the full URL of our image is http://www.mysite.com/bye.jpeg
You will see an alert saying http://www.mysite.com/bye.jpeg and after that the image will be changed.Notice though that those
changes are temporary!If you refresh the page or enter it again your changes will be lost,because you dont alter the site in the server
but in your PC.
Using the same way we can view or change the value of variables.For example we find this piece of code in the site’s source:
var a=”test” This means that the variable with the name a has the value “test”.In order to view the value of the variable we would type:
and in order to change it from test to hello:
We want the form to be sent to our mailbox and not to firstname.lastname@example.org
This can be done by this command:
As you have noticed by now we always use a hierarchy in the items we edit:
We start from the bigger to the smaller:
1)We started with document
2)we typed the name of the object we wanted to alter (for example document.hi.src) or the item in which it belonged and then the
name of it (for example document.format.mail.value)
3)Lastly we ended in the attribute of the item we wanted to change (for example its source: document.hi.src, or its value: document.format.mail.value)
4)We separated the words using dots (.)
5)When we wanted to change an attribute we used the equal sign (=) and the new attribute.
*NOTE:We use “” when the new attribute is a character string (for example: document.format.mail.value=”email@example.com”)
If we wanted it to be the value of a variable we wouldnt used the “”.For example we want to change the variable a’s value to
However most items in a page have no name.For example:
In this code the form’s name is missing.Using all the above, the command would look like this:
In this case we will have to count all the forms to find out the form’s number.I will use an example:
In this code we see 3 forms,but the one we are interested in is the second.So the number of the form we want is 2.
number 0.it goes 0,1,2,3 etc
So the actual number of the form is number 1 not 2.In general find the number of the form and take out one (number-1).
We will use this number to fill in the gap in our command:
Like this you can change images or links that have no name.To do that just change “forms” to the type of item you want to change:
Lastly,we can use this technique to edit cookies.
The command is the following and was written by Dr_aMado from triviasecurity.net,but i altered it a bit so that it shows the cookie before the user edits it.
Just copy-paste this line to the adress bar:
As a conclusion,i must stress that the changes are made only on the user’s side!It’s like saving the site in your PC and then modifying it.However,
using this technique you can trick a page (for example with cookies) or pass the reference security of a page.For example some pages check from
where the user sends the data.Specifficaly if the data from http://www.test.com/form.php was sent to http://www.test.com/check.php, check.php possibly
using something like this technique you will be able to alter pictures and staff like that permanently!However you need further knowledge than the one
which is provided here.