hi how long will my sever be up??

You should. ;)

hi admin. i modified the script , but no response for several days. that mean my script was long?? but in test of chall page, al**rt() was succesfully noted.

hmm. could i get some information or others?

thanks regards.

hi, could you get the reply from the victim or still waiting?

He has finished this level.
This level works.
The problem is from your script :)

Is there a way to increase the 25 character limitation?

Or is there way to inject the code in fragments using multiple post. Will this work?

Yes tlotr there is a way to inject the code in fragments :)

Okay I was able to make the code work using fragments of it. Now I get a alert popup for document.cookie but the level still shows incomplete. Do I have to wait for sometime/days/weeks and then only it will show that it’s completed. Or I have to do something else other than making a document.cookie to work on the page?

You have find the vulnerabilities.
Now search what you can do with it
Remember that this level is a Real one

Wasn’t job to get the cookie. Now I am getting the cookie on a pop up every time I open the page but then after clicking on OK nothing happens. Am I missing something?

That’s normal ^^
Did you read my post ?…

Okay I was up all night till morning trying to make the code work but was unsuccessful. I just wanted to know if re-direction works on the page. I mean I have the code and it is using document.location which is having my web server name which has the .php file but for some reason the code is not executing. I think there are some rules set so that the page doesn’t re-direct to another page. Is this right? So I have to do something else to get the access? Any one who has completed the level using a web server can may be PM me and I will send you the code that I am using. I even tried the onload event handler but that doesn’t work either. However the onload event handler works for popping up an alert box which is not what I want right now. I want the cookie… :D

Also I wanted to know if anyone tried creating a function and then using the onload event handler to execute it and if it worked. I have couple of codes for that too but those didn’t worked either. Maybe I am over thinking and that is what I do actually. I over think a lot but a little nudge from some one to put me in the right direction would be really helpful.