Programming Forums
User Name Password Register
 

RSS Feed
FORUM INDEX | TODAY'S POSTS | UNANSWERED THREADS | ADVANCED SEARCH

Reply
Page 4 of 5 < 123 4 5 >
 
Thread Tools Display Modes
Old Jun 14th, 2006, 4:36 PM   #31
Sane
Programming Guru
 
Sane's Avatar
 
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 2,094
Rep Power: 6 Sane will become famous soon enough
Send a message via MSN to Sane
Well, plus this is free, no registration required, and unlimited space.

How would a user execute a file they saved? =S

@hervens: A home webserver.
Sane is online now   Reply With Quote
Old Jun 14th, 2006, 4:37 PM   #32
hervens48
Hobbyist Programmer
 
Join Date: Apr 2006
Location: Montreal, Canada
Posts: 107
Rep Power: 3 hervens48 is on a distinguished road
Send a message via AIM to hervens48 Send a message via MSN to hervens48
oh ok
hervens48 is offline   Reply With Quote
Old Jun 14th, 2006, 4:45 PM   #33
Infinite Recursion
Programming Guru
 
Infinite Recursion's Avatar
 
Join Date: Jul 2004
Location: United States
Posts: 3,473
Rep Power: 8 Infinite Recursion is on a distinguished road
Send a message via MSN to Infinite Recursion Send a message via Yahoo to Infinite Recursion
Quote:
Originally Posted by Sane
How would a user execute a file they saved? =S
Are the files stored on the local server? If so, could they be executed if the user knew the link to the directory they were in?
__________________
http://jasonpowers.net

"There are a thousand hacking at the branches of evil to one who is striking at the root."
Infinite Recursion is offline   Reply With Quote
Old Jun 14th, 2006, 4:47 PM   #34
splinter9x
Hobbyist Programmer
 
splinter9x's Avatar
 
Join Date: Jun 2006
Posts: 137
Rep Power: 0 splinter9x is an unknown quantity at this point
I would run it on my home server... When I get my FreeBSD to work that is.
__________________
Visit my Blog
I support WINDOWS...
splinter9x is offline   Reply With Quote
Old Jun 14th, 2006, 5:51 PM   #35
Sane
Programming Guru
 
Sane's Avatar
 
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 2,094
Rep Power: 6 Sane will become famous soon enough
Send a message via MSN to Sane
Oh. So you're talking about executing it client side? -.-
Sane is online now   Reply With Quote
Old Jun 14th, 2006, 7:03 PM   #36
splinter9x
Hobbyist Programmer
 
splinter9x's Avatar
 
Join Date: Jun 2006
Posts: 137
Rep Power: 0 splinter9x is an unknown quantity at this point
I think I posted that in the wrong place lol, sorry...
__________________
Visit my Blog
I support WINDOWS...
splinter9x is offline   Reply With Quote
Old Jun 14th, 2006, 8:05 PM   #37
Sane
Programming Guru
 
Sane's Avatar
 
Join Date: Apr 2005
Location: Waterloo, Ontario
Posts: 2,094
Rep Power: 6 Sane will become famous soon enough
Send a message via MSN to Sane
Wah? I wasn't even responding to what you said. In case that's why you said wrong post. Unless you really did post in the wrong place (coincidentally in context).
Sane is online now   Reply With Quote
Old Jun 14th, 2006, 8:07 PM   #38
splinter9x
Hobbyist Programmer
 
splinter9x's Avatar
 
Join Date: Jun 2006
Posts: 137
Rep Power: 0 splinter9x is an unknown quantity at this point
Sorry I scrolled up to see who you were talking to and then I saw my post and was like shit, its in the wrong place lol...
__________________
Visit my Blog
I support WINDOWS...
splinter9x is offline   Reply With Quote
Old Jun 15th, 2006, 9:10 AM   #39
Infinite Recursion
Programming Guru
 
Infinite Recursion's Avatar
 
Join Date: Jul 2004
Location: United States
Posts: 3,473
Rep Power: 8 Infinite Recursion is on a distinguished road
Send a message via MSN to Infinite Recursion Send a message via Yahoo to Infinite Recursion
Quote:
Originally Posted by Sane
Oh. So you're talking about executing it client side? -.-
Here's a scenario to better explain what I am getting at...

I go to your site and create a file/script, that contains some malicious code. I save the file then go to your server, specifically to that file through my browser and execute it.

I was just curious as to if there were any constraints on contents of files, or execution of saved files... more or less for the prevention of an intrusion/attack.

In other words, when a user saves a file at what location is it stored? Can the user get directly to the file and execute it via a browser? Or is the contents stored in a database that is queried when someone wants to view it?
__________________
http://jasonpowers.net

"There are a thousand hacking at the branches of evil to one who is striking at the root."
Infinite Recursion is offline   Reply With Quote
Old Jun 15th, 2006, 12:54 PM   #40
Mocker
Hobbyist Programmer
 
Mocker's Avatar
 
Join Date: Oct 2005
Location: Indiana
Posts: 224
Rep Power: 0 Mocker is an unknown quantity at this point
Send a message via AIM to Mocker
If you choose a filename, you could choose "abadscript.php".

Then if you know the path you would go to http://onlinefileeditor/username/abadscript.php

instead of opening it through the actual website. If the server isn't configured to block scripts in user directories it would run the script. etc.
__________________
#programmingforums relay - http://thegupstudio.com/cgi-bin/pforelay.cgi
freelance scripts - http://ryanguthrie.com/index.html
Mocker is offline   Reply With Quote
Reply
Page 4 of 5 < 123 4 5 >

Bookmarks

« Previous Thread in Forum | Next Thread in Forum »

Currently Active Users Viewing This Thread: 1 (0 members and 1 guests)
 
Thread Tools
Display Modes
Linear Mode Linear Mode

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


Contact Us - DaniWeb IT Discussion Community - Privacy Statement - Top


DaniWeb IT Discussion Community
All times are GMT -5. The time now is 2:07 PM.

Powered by vBulletin® Version 3.7.0, Copyright ©2000 - 2008, Jelsoft Enterprises Ltd.
Copyright ©2007 DaniWeb® LLC