JavaScript code to “exploit” this vulnerability my friend found

Question

I need help with an assignment that can show this hidden button that will skip a question (the website is membean) I have installed greasemonkey and tried

document.getElementById(“pass”).className = ”visible”;

But that didn't work. This is the HTML

<input class="hidden" id="pass" onclick="this.origText = this.value;         this.value='Wait...'; that = this; setTimeout(function()         {that.value = that.origText}, 15000);" type="submit" value="Pass" />

Can someone help?

Answer 1

Your quotes seem off. Instead of

document.getElementById(“pass”).className = ”visible”;

try

document.getElementById("pass").className = "visible";

Answer 2

Presumably, the 'hidden' class is just setting the css property to display: none; or visibility: hidden .

You could just remove the 'hidden` class entirely:

document.getElementById("pass").className = "";

Which would remove the 'hidden' class. Or, you manipulate the css directly:

document.getElementById("pass").style.visibility = "visible";
document.getElementById("myDIV").style.display = "block";

Those options should both work.

Or, you could just use the dev console in Chrome to unhide the element and click on it.

Or, you could just not unhide the button using "onclick" exploits and take the SATs seriously.