logo
::[Home]
::[News]
::[Challenges]
::[Ranking]
::[My Account]
::[Forum]
::[Chat]
::[Private Messages]
::[Vulnerable Code]
::[Tutorials]
::[Downloads/Scripts]
::[Support]
::[Links]
::[Contact/FAQ]
::[Login]
0 anonymous
Views: 1088895 Challenges: 342
Users: 12689 Online: 12

Settings
Search
0 new posts

omg !! – 5 Posts

  • omg !!

    07/27/2007 18:51
    giGGles's Avatar giGGles 390
    Not SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot Specified
    this is crazy??<br>http://www.holux.com/product/search.htm?filename=gpsreceiver_bluetooth_gpslim236.htm&amp;target=gpsreceiver00&amp;level=grandsonson<br>+++++++++++++++++<br>function loadTarget(){<br> if ((filename!=\"\")&amp;(target!=\"\")&amp;(level!=\"\")){<br> parent.mainFrame.location.href = filename+\"?target=\"+target+\"&amp;level=\"+level;<br> }<br>}<br>+++++++++++++++++<br><br>=&gt;http://www.holux.com/product/search.htm?filename=http://www.yahoo.com&amp;target=search&amp;level=search<br><br><br>
    Edit
    Reply
    Quote
    0 Likes
  • 07/27/2007 18:51
    UnknownUser's Avatar UnknownUser 2,7290
    Not SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot Specified
    no not crazy.<br><br>it's not entirely harmless. But everything interesting happens on the client side,<br>and within the right context.<br><br>You could make a website, and appear to be html injecting, this could<br>fool some people, and allow you to steal information.<br><br>But the technology does not allow you to execute any code on the remote host, <br>nor is it RFI or LFI.<br><br>javascript is also not executed with the credentials of the site, so ..<br><br>besides url spoofing .. it doesn't really do you much good imho
    Edit
    Reply
    Quote
    0 Likes
  • 07/27/2007 18:51
    Degenerate's Avatar Degenerate 550
    Not SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot Specified
    any chance someone can explain what this code does exactly? Is it just a way fo rpetending to be another url or what? Sorry for my ignorance... <img alt="\&quot;:)\&quot;" src="%5C">
    Edit
    Reply
    Quote
    0 Likes
  • 07/27/2007 18:51
    Degenerate's Avatar Degenerate 550
    Not SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot Specified
    Nevermind... I didn't notice the second link you had put, makes more sense to me now <img alt="\&quot;:)\&quot;" src="%5C">
    Edit
    Reply
    Quote
    0 Likes
  • 07/27/2007 18:51
    UnknownUser's Avatar UnknownUser 2,7290
    Not SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot SpecifiedNot Specified
    <pre> if ((filename!=\"\")&amp;(target!=\"\")&amp;(level!=\"\")) </pre><br><br>for the record to avoid confusion, and easy mistakes, <br>they should have used the logic &amp;&amp; instead of the binarry<br>&amp;. Just good practice.<br>
    Edit
    Reply
    Quote
    0 Likes