wierd form???

Printable View

October 5th, 2001, 04:30 PM
whackaxe

wierd form???

"<!DOCTYPE HTML PUBLIC "-//IETF//DTD HTML//EN">
<HTML><HEAD><TITLE>bar</TITLE>
</HEAD><BODY BGCOLOR="#FFFFFF" TEXT="#000000"><FORM METHOD="POST" ENCTYPE="application/x-www-form-urlencoded">
<INPUT TYPE="hidden" NAME="id" VALUE="000000">Please enter your password: <INPUT TYPE="password" NAME="password" SIZE=20 MAXLENGTH=20><INPUT TYPE="submit" NAME="submit" VALUE="Enter Password"></FORM></BODY></HTML>"

can any one tell me what "application/w-www-form-urlencoded" is. i was trying to to get a etc/passwd file of a server and was trying throught the form but I have been stopped by this bizzare
October 5th, 2001, 04:37 PM
magic1

microsoft security

is the "new way" of microsoft for encoding the source of html
documents.

"is not a secure way but it helps" said someone in microsoft
which means "it helps keeping away blind people from reading the source" :)

Maybe this help ^

bye
October 6th, 2001, 10:05 AM
whackaxe

how do i get round it?

it helps me by telling me what my problem is but does anyone know how to get round it?
October 6th, 2001, 10:25 AM
magic1

make a htm in your local webserver
change in the form the type hidden for the id and
the in the value put a negative number example
-21212121123123 then call their application from the form

this will crash their aplication (if they are stupid)

bye
October 7th, 2001, 07:46 PM
whackaxe

hmm not to clear

not to clear about what u said but i think i should be able to get around it