alright i have read up on java script editing on a website provided to me by SpOonWiZaRd (Thanks again man) but i read up on the script: javascript: void(document.cookie="PHPSESSID=Hacked"); alert(document.cookie) the site said it is suppose to change the cookie but it just creates a new one at the end of the list. is there something i am doin wrong in this script. i do know that you are suppose to put the first part of the cookie where it say "PHPSESSID" but i did that and it still placed a new cookie at the end of the list.. can someone tell me what i am doing wrong -Thanks
Maybe you must try the injection using your cookie, type the injection in the content of the cookie, but if that doesn't work then the site is not entirely vulnerable to javascript injections. The creator of the site could have patched it when he created it. Is the persons account yourt trying to hack on the same network as you?
Then go to this site and subcribe, they have soooo many java and basic web hacking challenges you can do to learn that http://www.hellboundhackers.org and http://www.hackthissite.org enjoy!