Java Injection
Back

Here are some bits of code that can be useful when attempting to affect change or gather information about a website. If you
actually know Java, you can do a whole lot more obviously, but here are some basics. To execute these commands, they need
to be typed directly into the address bar of the website that you are viewing.

You can check and see what cookies (if any) a site is running by using this command;
javascript:alert(document.cookie);

To edit cookies the page is running, type;
javascript:void(document.cookie="Field = myValue");
You can edit the "field" with a field value found through the previous alert command, or use another field value you feel may work.
In the "myValue" area, you enter your own value that you want the field to have. Remember, how and to what extent this works
depends on the site that you are visiting.

To edit a form on a webpage, you can do one of two things. You can download the page and edit it to enter in your own value,
or you can use javascript injection to edit the values. Injection is the best way to do this when a page has a refferer (which means that it is expecting all requests to come from an authorized source, eg. the page you are browsing). To inject form information, use the following template;
javascript:alert(document.forms[0].to.value="your value");
For the form number, (named "forms" generally, unless otherwise noted in the code) remember that the first form on the page is
0, and then goes up from there.