我的朋友发现的JavaScript代码“利用”此漏洞
[英]JavaScript code to “exploit” this vulnerability my friend found
问题描述
I need help with an assignment that can show this hidden button that will skip a question (the website is membean) I have installed greasemonkey and tried 
我需要一个作业的帮助,该作业可以显示此隐藏按钮,该按钮将跳过问题(网站为membean)。
document.getElementById(“pass”).className = ”visible”;
But that didn't work. 但这没有用。 This is the HTML 这是HTML
<input class="hidden" id="pass" onclick="this.origText = this.value; this.value='Wait...'; that = this; setTimeout(function() {that.value = that.origText}, 15000);" type="submit" value="Pass" />
Can someone help? 有人可以帮忙吗?
2 个解决方案
解决方案1
2 2015-04-18 04:54:47
Your quotes seem off. 您的报价似乎不对。 Instead of 代替
document.getElementById(“pass”).className = ”visible”;
try 尝试
document.getElementById("pass").className = "visible";
解决方案2
0 2015-04-18 05:04:45
Presumably, the 'hidden' class is just setting the css property to display: none; 大概,'hidden'类只是将css属性设置为display: none; or visibility: hidden . 或visibility: hidden 。
You could just remove the 'hidden` class entirely: 您可以完全删除“ hidden”类:
document.getElementById("pass").className = "";
Which would remove the 'hidden' class. 这将删除“隐藏”类。 Or, you manipulate the css directly: 或者,您直接操作css:
document.getElementById("pass").style.visibility = "visible";
document.getElementById("myDIV").style.display = "block";
Those options should both work. 这些选择都应该起作用。
Or, you could just use the dev console in Chrome to unhide the element and click on it. 或者,您可以只使用Chrome中的开发者控制台取消隐藏元素,然后单击它。
Or, you could just not unhide the button using "onclick" exploits and take the SATs seriously. 或者,您无法使用“ onclick”漏洞来取消隐藏按钮,并认真对待SAT。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.