[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Sheflug] Viewing hard drive

To: <shef-lug [at] xxxxxxxxxxxxxxxxxxx>
Subject: Re: [Sheflug] Viewing hard drive
From: "Chris J" <xxxxx [at] xxxxxxxxxxxxxxxx>
Date: Thu, 9 May 2002 11:32:06 +0100 (BST)
Cc: <ian [at] xxxxxxxxxxxxxxxxxxxx>
Envelope-to: <shef-lug [at] list.sheflug.org.uk>
Importance: Normal
List-help: <mailto:shef-lug-request [at] list.sheflug.org.uk?subject=help>
List-id: Sheflug <shef-lug.list.sheflug.org.uk>
List-post: <mailto:shef-lug [at] list.sheflug.org.uk>
List-subscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=subscribe>
List-unsubscribe: <http://community.uklinux.net/mailman/listinfo/shef-lug>,<mailto:shef-lug-request [at] list.sheflug.org.uk?subject=unsubscribe>
Reply-to: shef-lug [at] xxxxxxxxxxxxxxxxxxx
Sender: shef-lug-admin [at] xxxxxxxxxxxxxxxxxxx


And Lo! The Great Prophet "Ian W. Wright" uttered these words of wisdom...
> HI,
>
> A few days ago I mentioned that I had been surprised by an advert that
> appeared to be seeing through my firewall - well, someone suggested that
> it might have been done by a javascript and I have now located just such
> a script. So, if anyone is interested in playing with it, it is at
> http://webdeveloper.earthweb.com/webjs/item/0,3602,12760_52951,00.html
>

I knew there was summat I was going to follow up to many moons ago.

You don't even need Javascript, at least on Windows boxes, as this would do
the job:
<iframe src="file://c:\"></iframe>

Completely safe as it doesn't send owt back to server, but for the
uninitiated who don't know what a URL means, or how to read HTML its a
rather nasty trick to play and one which I have seen used.
Trying "file:///" (to try and get root directory) doesn't work though...what
it does on a Linux box I can't say 'til I get home to play. Anyone want to
experiment ?
Chris...

-- 
\ Chris Johnson                 \
 \ cej [at] nightwolf.org.uk          \
  \ http://cej.nightwolf.org.uk/  ~-----------------------------------+
   \ Redclaw chat - http://redclaw.org.uk - telnet redclaw.org.uk 2000 \____



___________________________________________________________________

Sheffield Linux User's Group -
http://www.sheflug.co.uk/mailfaq.html

  GNU the choice of a complete generation.

Follow-Ups:
- Re: [Sheflug] Viewing hard drive
  - From: Steve Tickle
- Re: [Sheflug] Viewing hard drive
  - From: Richard Stevenson

References:
- RE: [Sheflug] Re: Iptables
  - From: xxxxx
- RE: [Sheflug] Re: Iptables
  - From: xxxxx
- Re: [Sheflug] Re: Iptables
  - From: xxxxx
- Re: [Sheflug] Re: Iptables
  - From: xxxxx
- Re: [Sheflug] Re: Iptables
  - From: xxxxx
- Re: [Sheflug] Re: Iptables
  - From: xxxxx
- Re: [Sheflug] Re: Iptables
  - From: Andrew Basterfield
- Re: [Sheflug] Re: Iptables
  - From: Alex Hudson
- Re: [Sheflug] Re: Iptables
  - From: Andrew Basterfield
- Re: [Sheflug] Re: Iptables
  - From: Alex Hudson
- [Sheflug] Viewing hard drive
  - From: Ian W. Wright

Prev by Date: [Sheflug] Red Hat Problem
Next by Date: Re: [Sheflug] Viewing hard drive
Previous by thread: [Sheflug] Viewing hard drive
Next by thread: Re: [Sheflug] Viewing hard drive
Index(es):
- Date
- Thread