Web - Client

Hello,

Trying to solve the xss challenge 1, I am able to insert javascript, and to get information (like cookie) but the thing is .. not working. I can send custom text to my cookie receiver (simple php page) but when i try to send document.cookie ( is it spoil ? I don’t think so as to get the admin session, not so much choice is left I think ...), there’s nothing. cookie is empty and I don’t receive nothing (or "" ) even when the admin has supposedly read the forum ("All messages have been read").
I dont get it ... What am i missing ?

Thank you

Nicolas

Ps: if spoil is needed, possible to pm me ?

Some methods doesn’t work. Use document.location

Hi Guys,

not sure what im doing working i have inserted JS code and i get a connection back with with ADMIN_COOKIE. after adding the cookie and refreshing the page the status changes from visitor to admin.
but i dont see password on the page???