For this 10th basic mission, Sam has used a more “hidden” approach to authenticate users. since viewing the source is a dead end, I tried another approach which is to view the HTTP request headers using Live HTTP headers which is another, very useful firefox addon (grab it here), I could also have used Tamper data for that. Anyway, after monitoring the headers I’ve found an insteresting thing as shown here:
Live HTTP headers
As you can see, it’s an interesting information that we got here, we know that Sam is using a cookies based authentication method this time. We know this, now what?.
Now we must change the value of the cookie named “level10_authorized” to “yes”, and to do this, you can use raw Javascript or use a firefox addon such as tamper data, firebug,etc…
We will do it in raw JavaScript: while on the 10th mission webpage enter this JavaScript code in the address bar:
javascript:function a(){document.cookie="level10_authorized=no";}a();
Now click on the submit button, Congratz, you’ve completed the 10th mission
