Go Back   vb.org Archive > Community Central > Community Lounge
Reload this Page Attention Everyone
FAQ Community Calendar Today's Posts Search

Reply
Page 1 of 2 1 2
 
Thread Tools Display Modes
  #1  
Old 12-20-2004, 11:10 PM
Gio~Logist's Avatar
Gio~Logist Gio~Logist is offline
 
Join Date: Jun 2004
Location: San Francisco
Posts: 2,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default Attention Everyone
i dont know if it has come to anyone's attention but i have been trying to hack my own site and mess with it myself to see if there are any security wholes on vb that i can fix to protect myself, im here trying all this high tech stuff when i notice that a simple little code in your signature can make the site redirectt wherever you post

<head>

<META HTTP-EQUIV="refresh" content="2;URL=http://www.************.com">

</head>

inserting that in your signature when html sigs are available will make the site redirect

now that i know how to DO it, is there any way to STOP PEOPLE FROM DOING IT!!?!?!?
Reply With Quote
  #2  
Old 12-20-2004, 11:31 PM
cinq's Avatar
cinq cinq is offline
 
Join Date: Oct 2002
Posts: 1,398
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
disable html ?
Reply With Quote
  #3  
Old 12-20-2004, 11:32 PM
Caiman Caiman is offline
 
Join Date: Apr 2004
Location: Manchester UK
Posts: 114
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by cinq
disable html ?
Quite, I didn't know ANYONE still allowed HTML in signatures
Reply With Quote
  #4  
Old 12-20-2004, 11:58 PM
Gio~Logist's Avatar
Gio~Logist Gio~Logist is offline
 
Join Date: Jun 2004
Location: San Francisco
Posts: 2,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
yes i did that but now i dont feel like going and making a vb code for all these different codes that members like to use in profiles like drop downs and all of that

and half of the rapboards allot html in their sigs, which is dum cuz rapboards are the boards that get haked the most
Reply With Quote
  #5  
Old 12-21-2004, 12:27 AM
filburt1 filburt1 is offline
 
Join Date: Feb 2002
Location: Maryland, US
Posts: 6,144
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by gio~logist
and half of the rapboards allot html in their sigs, which is dum cuz rapboards are the boards that get haked the most
Put 2-and-2 together. There's a reason the only bolded part in a description in vB's admin CP is to keep HTML off.
Reply With Quote
  #6  
Old 12-21-2004, 12:39 AM
Gio~Logist's Avatar
Gio~Logist Gio~Logist is offline
 
Join Date: Jun 2004
Location: San Francisco
Posts: 2,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Indeed, my site is safe, this is not about my site. Its for other sites so i can tell them a way to be secure without having to disable html

If there is a way.....
Reply With Quote
  #7  
Old 12-21-2004, 12:46 AM
Reeve of shinra's Avatar
Reeve of shinra Reeve of shinra is offline
 
Join Date: Oct 2001
Location: NYC
Posts: 1,896
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
bbcode ?!?
Reply With Quote
  #8  
Old 12-21-2004, 01:33 AM
Gio~Logist's Avatar
Gio~Logist Gio~Logist is offline
 
Join Date: Jun 2004
Location: San Francisco
Posts: 2,575
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Reeve of shinra
bbcode ?!?

what?
Reply With Quote
  #9  
Old 12-21-2004, 10:42 AM
Dean C's Avatar
Dean C Dean C is offline
 
Join Date: Jan 2002
Location: England
Posts: 9,071
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
It clearly says in the admincp that HTML should be turned on with moderation as it's a security risk., as in you should keep a close-eye on who uses it.
Reply With Quote
  #10  
Old 12-21-2004, 11:59 AM
deathemperor's Avatar
deathemperor deathemperor is offline
 
Join Date: Jul 2003
Location: HOL
Posts: 1,270
Благодарил(а): 0 раз(а)
Поблагодарили: 0 раз(а) в 0 сообщениях
Default
Quote:
Originally Posted by Reeve of shinra
bbcode ?!?
he meant you can try replacing html code with bbcode. that's the only way.
Reply With Quote
Reply
Page 1 of 2 1 2

« Previous Thread | Next Thread »

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is On
HTML code is Off
Forum Jump


All times are GMT. The time now is 07:44 AM.

Contact Us - Archive - Top

Powered by vBulletin® Version 3.8.12 by vBS
Copyright ©2000 - 2025, vBulletin Solutions Inc.
X vBulletin 3.8.12 by vBS Debug Information
  • Page Generation 0.04218 seconds
  • Memory Usage 2,247KB
  • Queries Executed 13 (?)
More Information
Template Usage:
  • (1)SHOWTHREAD
  • (1)ad_footer_end
  • (1)ad_footer_start
  • (1)ad_header_end
  • (1)ad_header_logo
  • (1)ad_navbar_below
  • (1)ad_showthread_beforeqr
  • (1)ad_showthread_firstpost
  • (1)ad_showthread_firstpost_sig
  • (1)ad_showthread_firstpost_start
  • (4)bbcode_quote
  • (1)footer
  • (1)forumjump
  • (1)forumrules
  • (1)gobutton
  • (1)header
  • (1)headinclude
  • (1)navbar
  • (3)navbar_link
  • (120)option
  • (1)pagenav
  • (1)pagenav_curpage
  • (1)pagenav_pagelink
  • (10)post_thanks_box
  • (10)post_thanks_button
  • (1)post_thanks_javascript
  • (1)post_thanks_navbar_search
  • (10)post_thanks_postbit_info
  • (10)postbit
  • (10)postbit_onlinestatus
  • (10)postbit_wrapper
  • (1)spacer_close
  • (1)spacer_open
  • (1)tagbit_wrapper 
Phrase Groups Available:
  • global
  • inlinemod
  • postbit
  • posting
  • reputationlevel
  • showthread
Included Files:
  • ./showthread.php
  • ./global.php
  • ./includes/init.php
  • ./includes/class_core.php
  • ./includes/config.php
  • ./includes/functions.php
  • ./includes/class_hook.php
  • ./includes/modsystem_functions.php
  • ./includes/functions_bigthree.php
  • ./includes/class_postbit.php
  • ./includes/class_bbcode.php
  • ./includes/functions_reputation.php
  • ./includes/functions_post_thanks.php 
Hooks Called:
  • init_startup
  • init_startup_session_setup_start
  • init_startup_session_setup_complete
  • cache_permissions
  • fetch_threadinfo_query
  • fetch_threadinfo
  • fetch_foruminfo
  • style_fetch
  • cache_templates
  • global_start
  • parse_templates
  • global_setup_complete
  • showthread_start
  • showthread_getinfo
  • forumjump
  • showthread_post_start
  • showthread_query_postids
  • showthread_query
  • bbcode_fetch_tags
  • bbcode_create
  • showthread_postbit_create
  • postbit_factory
  • postbit_display_start
  • post_thanks_function_post_thanks_off_start
  • post_thanks_function_post_thanks_off_end
  • post_thanks_function_fetch_thanks_start
  • post_thanks_function_fetch_thanks_end
  • post_thanks_function_thanked_already_start
  • post_thanks_function_thanked_already_end
  • fetch_musername
  • postbit_imicons
  • bbcode_parse_start
  • bbcode_parse_complete_precache
  • bbcode_parse_complete
  • postbit_display_complete
  • post_thanks_function_can_thank_this_post_start
  • pagenav_page
  • pagenav_complete
  • tag_fetchbit_complete
  • forumrules
  • navbits
  • navbits_complete
  • showthread_complete