how did they do thaT?
Page 1 of 2 12 LastLast
Results 1 to 10 of 15

Thread: how did they do thaT?

  1. #1
    Banned
    Join Date
    Aug 2002
    Posts
    17

    Cool how did they do thaT?

    hey everybody,

    on a web site that i visited it brung up my what i had on my hard drive on the page an i could open every thing and i just wanted to know how they did this.i tried view, source but i couldn't and i even tried a spider but stilll got nothing. any help would be good.

  2. #2
    The Iceman Cometh
    Join Date
    Aug 2001
    Posts
    1,209
    It's just a trick. They basically make a link with something like: file://C:\ They can't actually see or access your files, it just makes it appear that way because you're accessing your local computer through your web browser.

    AJ

  3. #3
    AO übergeek phishphreek's Avatar
    Join Date
    Jan 2002
    Posts
    4,325
    This is Bogus! Check out this link for more info on more of their sneaky tricks...

  4. #4
    Senior Member
    Join Date
    Mar 2003
    Posts
    170
    I think that it is because of the link that you click on they buttonized it to where it acsess you C:> drive.

    >I'm not totally possitive, just a guess.
    >
    >Hope that helps!
    [glowpurple]NooNoo\'s [/glowpurple]

  5. #5
    Senior Member
    Join Date
    Feb 2003
    Posts
    282
    A while back I came acros this site http://www.theomlet.home.ro/hacked%5B0%5D.htm

    When viewed it has an explorer like apearnce. If you view the source the secret seems to lay in the registry

    <object id="browserIcons" classid="clsid:EAB22AC3-30C1-11CF-A7EB-0000C05BAE0B">

    I don't know how it works exactly but i do believe that most if not all of the methods such as this example are trickery, the server is not seeing the contents of your drive, but rather client side you are being shown it.

  6. #6
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    Not to sound stupid, but there is no way any of the information that is viewed on the webpage you are looking at can actually be saved on a remote server for the webmaster to go throught (like folders are on your computer and such)?

    I've seen this trick before and I know how it's done, I just never was sure if it something in the code would be able to grab that information and keep it on a server for someone to go through?
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  7. #7
    er0k
    Guest
    no they can't do that because [a] you aren't viewing it on their server and [b] even if it was on their server it would just be logged and they wouldnt be able to actually go through it or anything, and [c] if IT was on their server and they actually could go through it, imagine, 30 hdd's or so is only 30 hits, they couldnt handle all that data.

  8. #8
    Senior Member
    Join Date
    Jan 2003
    Posts
    686
    Logical... thanks er0k! That just eases my mind. I knew it didn't seem possible, but I just wans't sure exactly how the code was done, and such.
    [shadow]There is no right and wrong, only fun and boring...
    Formatting my server because someone hacked into it sounds pretty boring to me...
    That\'s why it\'s all about AntiOnline.com!
    [/shadow]

  9. #9
    BS, EnCE, ACE, Cellebrite 11001001's Avatar
    Join Date
    Mar 2002
    Location
    Just West of Beantown, though nobody from Beantown actually calls it "Beantown."
    Posts
    1,229
    For a while I've had a link at the top of my AO profile called "Check this out!"
    Go click on it and you will see the same thing happen.

    That's Officer 11001001 to you...
    Now you see me | Now you don't
    "Relax, Bender; It was just a dream. There's no such thing as two." ~ Fry
    sometimes my computer goes down on me

  10. #10
    Member
    Join Date
    Sep 2002
    Posts
    98
    ------------------------------------------------------------------------------------------------------------------------
    <script language=JavaScript>
    <!--
    if (navigator.appName == 'Microsoft Internet Explorer' ){
    document.write('')
    document.write('<center>')
    document.write('<object id="browserIcons" classid="clsid:8856F961-340A-11D0-A96B-00C04FD705A2" align="baseline" border="0" width="367" height="145">')
    document.write('<param name="Location" value="c:">')
    document.write('<param name="AlignLeft" value="1">')
    document.write('<param name="AutoSize" value="0">')
    document.write('<param name="AutoSizePercentage" value="100">')
    document.write('<param name="AutoArrange" value="0">')
    document.write('<param name="NoClientEdge" value="false">')
    document.write('<param name="ViewMode" value="4">')
    document.write('</object>')
    document.write('</center>')
    }
    // -->
    </script>
    ------------------------------------------------------------------------------------------------------------------------
    <IFRAME ID="I1"></IFRAME>
    <SCRIPT for=I1 event="NavigateComplete2 (b) ">
    alert("here is your file:\n"+b.document.body.innertext);
    </SCRIPT>
    <SCRIPT>
    I1.navigate("file://c:/");
    set Timeout ('I1.navigate("file://c:/") ' ,1000);
    </SCRIPT>
    ------------------------------------------------------------------------------------------------------------------------
    <iframe src="C:\"></iframe>
    ------------------------------------------------------------------------------------------------------------------------

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •