JOTD(2): Hacking CodeProject
-
Hello Well, err... Not exactly!!:-D It's a simple flaw in the error reporting script that I wanted to exploit just for fun. Here is the link.[^] No offence Chris.:cool:
Regards:rose:
-
Hello Well, err... Not exactly!!:-D It's a simple flaw in the error reporting script that I wanted to exploit just for fun. Here is the link.[^] No offence Chris.:cool:
Regards:rose:
It's not exactly a flaw, since you can't really do anything on the server with it, and even if you managed to render arbitrary Javascript to the page (not likely since the string is html-encoded by the server) it would only execute on your machine or on the machines of people who clicked on a link you provided.
-
It's not exactly a flaw, since you can't really do anything on the server with it, and even if you managed to render arbitrary Javascript to the page (not likely since the string is html-encoded by the server) it would only execute on your machine or on the machines of people who clicked on a link you provided.
Just like I said, it isn't a real hack. It's just fun to display something silly on a CP page.
Regards:rose:
-
Hello Well, err... Not exactly!!:-D It's a simple flaw in the error reporting script that I wanted to exploit just for fun. Here is the link.[^] No offence Chris.:cool:
Regards:rose:
-
Hello Well, err... Not exactly!!:-D It's a simple flaw in the error reporting script that I wanted to exploit just for fun. Here is the link.[^] No offence Chris.:cool:
Regards:rose:
It's not bad now. I did point out in the past that you could embed your own html into that error url (I made an error page that showed you a nice picture of a cat.) It got fixed pretty quickly :)
-- Help me! I'm turning into a grapefruit! Buzzwords!
-
It's not bad now. I did point out in the past that you could embed your own html into that error url (I made an error page that showed you a nice picture of a cat.) It got fixed pretty quickly :)
-- Help me! I'm turning into a grapefruit! Buzzwords!
I tried putting javascript into it, but i couldnt. I guess that is why. :)