Security Question!

[joelito_pr]

Try creating a page with this code

<html>
<head>
</head>
<body>
<h1 align="center">It IS possible with Linux!</h1>
<iframe align="center" width="640" height="480" src="file:///">
</iframe>
</body>
</html>

You'll see your system root ( C or Linux / ) but no way of changing the files

[dark_lord_kodd]

Well thats a bit scary. But not really I guess, as its just getting the information from the local host, your directory / file listings never leave your pc right? So no one else could use that to see my files. and still cant change them unless I was root (and stupid)....

[bigtomrodney]

Very interesting thread this....I was just about to post the file:/// myself. It should be noted that in a lot of ways windows is POSIX compliant, and it will respond to that file:/// also. To access the logged on users files (or at least display them) you can add the %userprofile% variable, as you can with %windir% to show the OS root. This is a good variable because this can be WINNT or Windows. I would imagine some of the inbuilts like $USER or $HOME could be used in a similar way - though I don't have a windows box here to check if the POSIX compliaance goes that far as to allow $USER or $HOME.

Very interesting. Now to go freak out my mates....

[bigtomrodney]

Correct myself again - variables don't seem to work in that script. I'm guessing the command doesn't run under the users credentials, or maybe it's just the good oul security of *nix again.

[kiran ky]

Haiii, really this thread is very good and it helps a lot for freshers. And even i was interested to know how to open that code are there any other codes like that.
Thank u.

[apoorv_khurasia]

Try creating a page with this code

<html>
<head>
</head>
<body>
<h1 align="center">It IS possible with Linux!</h1>
<iframe align="center" width="640" height="480" src="file:///">
</iframe>
</body>
</html>

You'll see your system root ( C or Linux / ) but no way of changing the files

Hey that's not working on my comp (Linux 2.6.15; Windows...hehehe it worked ). Why?

[mianriz]

What is MSN Block Checker?
MSN Block Checker is a web based tool. You can use it to detect if someone has blocked you. You can use it to see your friend is Online or Offline on MSN Messenger. If your MSN Messenger is not signing in, you can use this tool to track whether your friend is online or not.
http://www.sachgup.com/msn/status-checker/index.php
Does it show 100% correct Blocked status?
Yes, but we do not guarantee it. As on January 16, 2004, Microsoft has patched the method which MSN Blocked Checker was using, Now if the person has "Only people in my allow list can see my status and send me messages" option enabled, then you will see them offline. And we cant do anything with this.

Can everyone see my status?
Yes, If you have All Others in allow list, everyone can see your status via MSN Block Checker.

Does it show the nickname of a person?
Yes it shows the nickname of a person as well.

What are the different names of this tool?
This tool may be known as MSN Status Checker, Online MSN Status, MSN Blocked, MSN Status Viewer,MSN Block Checker and Check MSN Status in search engines.

[Tim_Wright]

I got this message "Comment: ADDRESSES WITHIN THIS BLOCK ARE NON-PORTABLE". Does that mean that my ISP has me on a static IP address?

Tim

To show you, I designed a page myself that does about the same thing, except for the file list. Try it out at http://www.dolda2000.com/~fredrik/info.php.

It also has an option to let you see its source code, so that you can see how it's done.