Welcome to Geeklog, Anonymous Wednesday, December 25 2024 @ 02:54 am EST

Security

JavaScript Backend Grabber

  • Saturday, August 17 2002 @ 04:30 am EDT
  • Contributed by:
  • Views: 12,100
Security I recently came across with a cool (err, depends on how you look at it) Javascript that grabs the backend stuff (external css, etc) off of any website:

javascript:var%20text=\'\';%20css=document.styleSheets;
%20for%20(c=0;c<css.length;c++)%20%20js=
document.getElementsByTagName(\'script\');
%20for%20(j=0;j<js.length;j++)%20with
%20(open(\'\',\'\',\'width=600,height=
400,scrollbars,resizable,status\').document)%20

Just copy and paste the above code as a bookmark, and then simply run the bookmark while you\'re at the page you want to \"grab\" from.

The reason I\'m posting here is because I wanted to ask whether or not GeekLog could be modified to block this particular javascript (and others of its like)?

[Editor\'s note: code should be all in one line - broken down into pieces so as to not break the site\'s layout -- Dirk]

Gallery Security Issue

  • Thursday, August 01 2002 @ 08:45 am EDT
  • Contributed by:
  • Views: 7,004
Security

Since many here are using Gallery together with Geeklog, I'd like to point out that a security vulnerability has been found in Gallery which affects versions 1.2.5 and 1.3.0 of that package.

Read all about it on the Gallery homepage (story includes instructions on how to patch existing installations).

bye, Dirk

Page navigation