Ranter
Join devRant
Do all the things like
++ or -- rants, post your own rants, comment on others' rants and build your customized dev avatar
Sign Up
Pipeless API
From the creators of devRant, Pipeless lets you power real-time personalized recommendations and activity feeds using a simple API
Learn More
Comments
-
@JKamue I am honestly not sure, that's why I did not reveal their url, don't want them to be hacked lol
-
xewl41266y@JKamue Depends on how the underlying system is parsing the incoming parameters.. But I'd try nonetheless xD
-
@nitwhiz well I once saw a demo about listing server directory tree from using plain linux commands like ls, cd inside a textbox and sending request to server.
Not sure what else could be possible -
@gitpush these setups on which you can perform such stunts are outrageuosly stupid. On the other hand, error from url.. so.. you got a point.
-
GTom7186yI know the site, and had to try it out myself, luckily for them the MS thing it's made in does filter the basic xss things, even escaped stuff.
-
@GTom good good cuz I have to work with it for sometime lol don't you mess it up for me XD
Related Rants
This is what happens when you decide to send error messages as url value
I'm speechless :\
random
very wow