Sciencemadness Discussion Board
Not logged in [Login ]
Go To Bottom

Printable Version  
Author: Subject: Problem: posting 'outside' the box
Ramiel
Vicious like a ferret
***




Posts: 484
Registered: 19-8-2002
Location: Room at the Back, Australia
Member Is Offline

Mood: Semi-demented

[*] posted on 4-1-2004 at 00:16
Problem: posting 'outside' the box


Erm, Just testing if a little hypothesys is true;

<html><td><font face="Times New Roman" Size="+1">Here is a LITTLE text written in HTML.</font></td></html>

(written postscript)
And now, i try to type something after the /html tag, and it appears to me to be outside the conclusion of my posting window, as it were. Perhaps a little problem with the board code?

Another thing - when typing between the html and /html tags, normal keyboard returns are treated as 'br' tags.

[Edited on 4-1-2004 by Ramiel]




Caveat Orator
View user's profile View All Posts By User This user has MSN Messenger
Ramiel
Vicious like a ferret
***




Posts: 484
Registered: 19-8-2002
Location: Room at the Back, Australia
Member Is Offline

Mood: Semi-demented

[*] posted on 4-1-2004 at 00:20


ah, what you see there is the aftermath of a 'td' tag.
the other 'table' tag does something similar.

hehe, oops.

[edit]
ps. another discovery - even after the '/html' tag, html code is still interpreted and "marked up"

[Edited on 4-1-2004 by Ramiel]




Caveat Orator
View user's profile View All Posts By User This user has MSN Messenger
I am a fish
undersea enforcer
****




Posts: 600
Registered: 16-1-2003
Location: Bath, United Kingdom
Member Is Offline

Mood: Ichthyoidal

[*] posted on 4-1-2004 at 03:56


<html><td bgcolor="#FF00FF">That's pretty cool</td><td bgcolor="#FFFF00">I would have thought that non text related HTML would be parsed out.</td><td bgcolor="#00FF00">I wonder if they'll fix it.</td></html>



1f `/0u (4|\\| |234d 7|-|15, `/0u |234||`/ |\\|33d 70 937 0u7 /\\/\\0|23.
View user's profile Visit user's homepage View All Posts By User
Polverone
Now celebrating 21 years of madness
*********




Posts: 3186
Registered: 19-5-2002
Location: The Sunny Pacific Northwest
Member Is Offline

Mood: Waiting for spring

[*] posted on 4-1-2004 at 10:08


Probably not. The XMB team has been extremely slow in fixing security holes; exploits that just allow the appearance of pages to be altered are surely of even lower priority.
View user's profile Visit user's homepage View All Posts By User
Blind Angel
National Hazard
****




Posts: 845
Registered: 24-11-2002
Location: Québec
Member Is Offline

Mood: Meh!

[*] posted on 4-1-2004 at 10:58


well, i you can post outside like this i dont know if you could use this exploit to add a PHP tag

[Edited on 4-1-2004 by Blind Angel]




/}/_//|//) /-\\/|//¬/=/_
My PGP Key Fingerprint: D4EA A609 55E4 7ADD 8529 359D D6E2 33F6 4C76 78ED
View user's profile View All Posts By User This user has MSN Messenger
Ramiel
Vicious like a ferret
***




Posts: 484
Registered: 19-8-2002
Location: Room at the Back, Australia
Member Is Offline

Mood: Semi-demented

[*] posted on 4-1-2004 at 17:17


ah well, it opens up a whole new level of style for posts... if you know html.

btw, Does this stink of a <html><a href="http://www.sciencemadness.org/talk/viewthread.php?tid=1">coverup</a></html> to you?
Very suspicious to me




Caveat Orator
View user's profile View All Posts By User This user has MSN Messenger
The_Davster
A pnictogen
*******




Posts: 2861
Registered: 18-11-2003
Member Is Offline

Mood: .

[*] posted on 4-1-2004 at 17:42


Thats weird, I thought members had access to everything....

edit: works with 111 , 765, 756, 7865, 6747, and all really large numbers also,
I think that those thread numbers simply havent been created yet, but that doesent explain why 1 and other numbers in the middle doesent exist.



[Edited on 5-1-2004 by rogue chemist]
View user's profile View All Posts By User
Mumbles
Hazard to Others
***




Posts: 436
Registered: 12-3-2003
Location: US
Member Is Offline

Mood: Procrastinating

[*] posted on 4-1-2004 at 20:45


Are the threads that don't show up maybe ones that have been deleted? Either by moderation because of stupidity or by person because of accidentally starting a new topic. I've done that a few times, but I don't know the post numbers to test it out.
View user's profile Visit user's homepage View All Posts By User This user has MSN Messenger
Hermes_Trismegistus
National Hazard
****




Posts: 602
Registered: 27-11-2003
Location: Greece, Ancient
Member Is Offline

Mood: conformation:ga

mad.gif posted on 5-1-2004 at 00:05
Fuckin CyberToolChipHeads@!(*&


(old man voice)



Arguing on the internet is like running in the special olympics; even if you win: you\'re still retarded.
View user's profile View All Posts By User
blip
Hazard to Others
***




Posts: 133
Registered: 16-3-2003
Member Is Offline

Mood: absorbed

[*] posted on 5-1-2004 at 15:42


I once caught a VBScript virus and captured it; it would be very easy to post it in guestbooks, posts, etc. :o I truly hope no one abuses this great formatting tool or it will have to be disabled like at totse and PH. All knowledge can be used to destructive ends, but also to constructive ones as well. I don't think the Bush administration understands that yet... or will they ever? One of the links in my signature demonstrates how to use HTML for formatting very easily in situations such as this. I suspect </table> would wreak havoc... let's see:</table>

[Edit: guess not.]

[Edited on 1-5-2004 by blip]




View user's profile View All Posts By User
I am a fish
undersea enforcer
****




Posts: 600
Registered: 16-1-2003
Location: Bath, United Kingdom
Member Is Offline

Mood: Ichthyoidal

[*] posted on 6-1-2004 at 03:02


<html>
</table></table>
<table bgcolor="#FF00FF" width="3000"><td width="3000" bgcolor="#FF00FF">I've done some more experimentation. It turns out that javascript is parsed out. However, the iframe sandbox tag still works, and so it is possible to load a frame containing active content from a remote source.</td>
</table>

[Edited on 6-1-2004 by I am a fish]




1f `/0u (4|\\| |234d 7|-|15, `/0u |234||`/ |\\|33d 70 937 0u7 /\\/\\0|23.
View user's profile Visit user's homepage View All Posts By User
KABOOOM(pyrojustforfun)
Hazard to Others
***




Posts: 254
Registered: 12-10-2002
Location: Iran (pseudoislamic dictatorship of)
Member Is Offline

Mood: exuviating!

smile.gif posted on 7-1-2004 at 20:53
marquee tag !


<marquee height="50" width="500" direction="up"><img src="http://www.sciencemadness.org/talk/images/smilies/biggrin.gif"><marquee><img src="http://www.sciencemadness.org/talk/images/smilies/tongue.gif"></marquee><marquee direction="up"><img src="http://www.sciencemadness.org/talk/images/smilies/wink.gif"></marquee><marquee direction="right"><img src="http://www.sciencemadness.org/talk/images/smilies/thumbup.gif"></marquee><marquee direction="right" speed="1000">!!!!</marquee></marquee><marquee width=500 height=50 direction="down"><img src="http://www.sciencemadness.org/talk/images/smilies/cool.gif"><marquee align="center"><img src="http://www.sciencemadness.org/talk/images/smilies/mad.gif"></marquee></marquee><marquee rate="10000">WOOOOOOOOOW!<marquee direction="right"><marquee direction="right">PJFF</marquee></marquee></marquee>



View user's profile View All Posts By User
blip
Hazard to Others
***




Posts: 133
Registered: 16-3-2003
Member Is Offline

Mood: absorbed

[*] posted on 8-1-2004 at 17:37


<meta http-equiv="Page-Enter" content="revealTrans(Transition=23,Duration=1.000)">Javascript isn't parsed out, click the thingy and look at the window status (bottom left in IE):
<head><script language=javascript>function b(){window.status="Ahh! The taelons are coming!";}</script></head><table bgcolor=FFFF00 cellpadding=3 cellspacing=15 onclick="b()"><tr><td>:D</td></tr></table>
It seems that all your script code must be in one line, though, or else the <br /> tag is added after each line break. Also, I had to put window.status stuff in a function first because the editor also took single quotes and converted them to some &###; when I used it directly in the onclick event.

I rediscovered that the post editor doesn't seem to like backslashes at all! If there was a way to execute COMMAND.COM followed by DEBUG.EXE (both with cmdline params I don't know how to pass thru a browser :() on the local computer, some major havoc could be wreaked! Scary stuff.

Edit: I found how to pass parameters to programs in a certain directory on the user's drive, but luckily it's incompatible with the way COMMAND.COM takes it parameters and it's a bug that should be fixed soon... hopefully. If only one <b><i>TINY</i></b> (uhh, like a byte!) change was made to COMMAND.COM, it would make your system extremely vulnerable to external code that anyone would want to execute on your machine!! I think this is one case where it's good that most people don't know x86 assembly.

[Edited on 1-9-2004 by blip]




View user's profile View All Posts By User
Quantum
Hazard to Others
***




Posts: 300
Registered: 2-12-2003
Location: Nowhereville
Member Is Offline

Mood: Interested

[*] posted on 11-2-2004 at 15:52


<PHP PHP seems to work!!! ?>



What if, what is isn\'t true?
View user's profile View All Posts By User
Organikum
resurrected
*****




Posts: 2339
Registered: 12-10-2002
Location: Europe
Member Is Offline

Mood: frustrated

[*] posted on 11-2-2004 at 16:41
Thats why


I am using OPERA and I am rather sure nothing of this will go through onto my machine.
It will not even pass the PROXOMITRON and the JS and the HTML filters there...

no no

its easy to stay secured...




Irgendwas is ja immer
View user's profile View All Posts By User

  Go To Top