Follow us on Twitter!
Things are more like they are now than they have ever been before. - Dwight D. Eisenhower
Tuesday, May 24, 2016
Navigation
Home
 Find:
 Information:
Learn
Communicate
Submit
Shop
Challenges
 Exploit:
 Programming:
 Think:
 Track:
 Patch:
 Other:
 Need Help?
Other
Members Online
Total Online: 40
Guests Online: 36
Members Online: 4

Registered Members: 93812
Newest Member: jack3344
Latest Articles
View Thread

HellBound Hackers | HellBound Hackers | Bugs

Author

Security error (i think. not certain)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-03-07 19:56
Since we all have our own profile pages now, couldn't, in theory, someone make an account named "../index.php%00" and deface the main page?
Author

RE: Security error (i think. not certain)

SySTeM
Member

Your avatar

Posts: 1524
Location: England, UK
Joined: 27.07.05
Rank:
HBH Guru
Posted on 06-03-07 20:01
No, because their username would contain invalid characters


img138.imageshack.us/img138/6527/sig2ak1.jpg
www.hellboundhackers.org/sig/r/2783.png

http://www.elites0ft.com/
Author

RE: Security error (i think. not certain)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-03-07 20:16
Ok. Thats good. Just makin sure Wink

If those characters were allowed, it would work....right?
Author

RE: Security error (i think. not certain)


Member

Your avatar

Posts:
Location:
Joined: 01.01.70
Rank:
Guest
Posted on 06-03-07 20:19
or ../index.php?
And yes, it would work if it was unfiltered