Enter password
Please enter a password to gain access to level 10

Remember level 5 and Javascript Injections, well here we go again. You start by looking at the source code and find nothing. Then you enter in a random password, get a authorization error and look around that site and nothing.

What is going on? Well let’s take a look at our cookies. Most browsers tell you where they store cookies and if you are using FireFox you can find them in:

Tools–>Options–>Privacy–>Show Cookies

Your cookies window should look like this:

If you notice the one I highlighted you will see a couple of things. One the cookie name is level10_authorized and the content is no. This is displayed in the lower left corner. This is indicating that when you put in a password that is incorrect it is setting a cookie that indicates to the page you are not authorized. So we need to change that cookie to indicate that we are authorized. This is where Javascript Injection comes in.

On the page where it says you are not authorized use the following injection:

You will notice we are changing the cookie value from no to yes. Refresh the page and level 10 is completed.

Now this is only one way of doing and there is another very popular way using FireFox’s Addon Cookie Editor. Since this a basic mission I thought it would be more helpfull to understand the basics then use tools like cookie editor (which I use all the time).