Invisible AO Folders...
Results 1 to 4 of 4

Thread: Invisible AO Folders...

  1. #1
    Senior Member
    Join Date
    Oct 2001
    Posts
    786

    Invisible AO Folders...

    This is a bug that I've discovered with the AO PM Folders. A quick search found no matches of this being posted before. Gee, I feel special...

    We all know how JP has worked to keep HTML in our posts out of AO? Well, he forgot at least one thing. The name's of our PM folders!

    I used a folder name of '</SELECT>', and now it shows up as a blank select box in the drop down list. Whats more, it doesn't show up in the list at the right with our folder names! It can be solved by replacing the '<' with the other combination that shows that character (the usual way). There may be other things that have this overlooked bug, but I doubt that they will have much impact, as this one only deals with your personal, PM box. BTW, you can still access the folder.

    I'm beginning to think of a few other things that have this bug now... If they cause little impact, such as this one, I might post it. Otherwise, I'll PM the invisible folder...

    -Tim_axe
    Share on Google+

  2. #2
    Senior Member
    Join Date
    Nov 2001
    Location
    Ireland
    Posts
    735
    Now THAT, is hacking!
    Well done Tim!
    Share on Google+

  3. #3
    Banned
    Join Date
    Sep 2001
    Posts
    853
    thanks to tim and a bit of xss hehe
    ive come up with a bit of a more major hole that allows the contents of your cookies to be displayed its not so much of a problem in the pm folder but im sure that with a bit of harder looking i could find a bigger exploit i dont want to print it just incase some people get some ideas so if JP you want to PM or email rioter@budweiser.com
    i will kindly tell you what the problem is
    RiOtEr
    p.s thanks tim_axe for sending my mind in the right direction
    Share on Google+

  4. #4
    Banned
    Join Date
    Jul 2001
    Posts
    1,100
    Greetings All:

    Thanks for the heads up on this! I've taken care of the problem.

    thread closed.
    Share on Google+

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •