Site Reviews
 
  #16  
April 4th, 2006, 01:54 AM
Shadow Wizard
Quote:
Originally Posted by pilonull
Oh, Well Thanks, Yep, Thanks, I'm really excited about being here, It seems like a nice place to ask questions, and to get help from others :P
check your inbox..

  #17  
April 4th, 2006, 04:08 PM
pilonull
Quote:
Originally Posted by Shadow Wizard
check your inbox..


Thanks. Since I still can't PM (need 4 more posts after this one), is it OK to ask you a question here? Like, my dad's site is www.fgsgems.com, and I'm testing it for vulnerabilities, and how would the hacker manipulate the hidden fields? Like how would they inject it into the form?

  #18  
April 4th, 2006, 04:14 PM
Shadow Wizard
check the inbox again...

  #19  
April 4th, 2006, 04:20 PM
pilonull
Quote:
Originally Posted by Shadow Wizard
check the inbox again...


Ugh, I'm sorry if I am not understanding this, but how does the hacker input information into those hidden fields? Like, I know how to view them (view source, correct?), but how does a hacker input the changed values into the fields?

*EDIT* OK, I guess my dad's site is all right against this vulnerability, because he does not store the prices in a hidden field... ugh, I'm aggravated because I am still confused

  #20  
April 4th, 2006, 04:27 PM
Shadow Wizard
I'll construct an example when I have more time.. remind me within a couple of days
hopefully by then you'll have the 10 posts...

  #21  
April 4th, 2006, 04:37 PM
pilonull
Quote:
Originally Posted by Shadow Wizard
I'll construct an example when I have more time.. remind me within a couple of days
hopefully by then you'll have the 10 posts...


Haha, thanks! I really appreciate it. I definitely will. Thanks for all your help and stuff.
-alex

  #22  
April 4th, 2006, 04:50 PM
Memnoch
Quote:
Originally Posted by pilonull
Ugh, I'm sorry if I am not understanding this, but how does the hacker input information into those hidden fields? Like, I know how to view them (view source, correct?), but how does a hacker input the changed values into the fields?

*EDIT* OK, I guess my dad's site is all right against this vulnerability, because he does not store the prices in a hidden field... ugh, I'm aggravated because I am still confused


A hacker would do the following...

1) View the source and determine if there was a hidden field storing the price of the item.

2) They would then save the source to their computer.

3) Change the value of the hidden field.

4) Change the form's action attribute to correspond to the website path the form would submit to.

Reply With Quote
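The server-side view of the hidden-field price problem discussed in this thread, as an added example that is not part of the original posts: a handler that computes the total from the posted price next to one that reads only the item id and quantity and looks the price up itself. The field names (`item_id`, `qty`, `price`), the catalogue and the two POST bodies are constructed for illustration.

```python
from decimal import Decimal
from urllib.parse import parse_qs

# Constructed catalogue; in a real shop this is the server-side product table.
CATALOG = {"ring-01": Decimal("249.00"), "pendant-07": Decimal("89.50")}


def parse_form(body):
    """Decode an application/x-www-form-urlencoded POST body to a flat dict."""
    return {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}


def total_trusting_hidden_field(body):
    """Vulnerable pattern: the order total is computed from the posted price."""
    form = parse_form(body)
    return Decimal(form["price"]) * int(form["qty"])


def total_from_catalog(body):
    """Hardened pattern: only item id and quantity are read from the request.

    Returns (total, tampered); tampered is True when a posted price field
    disagrees with the catalogue, which is worth logging as an alert.
    """
    form = parse_form(body)
    item_id = form.get("item_id", "")
    if item_id not in CATALOG:
        raise ValueError("unknown item")
    qty_text = form.get("qty", "")
    if not qty_text.isdigit() or not 1 <= int(qty_text) <= 100:
        raise ValueError("quantity out of range")
    price = CATALOG[item_id]
    posted = form.get("price")
    tampered = False
    if posted is not None:
        try:
            tampered = Decimal(posted) != price
        except ArithmeticError:  # not a number at all
            tampered = True
    return price * int(qty_text), tampered


# Constructed POST bodies: one as the shop's page sends it, one with the price edited.
GENUINE = "item_id=ring-01&qty=2&price=249.00"
EDITED = "item_id=ring-01&qty=2&price=1.00"

if __name__ == "__main__":
    for body in (GENUINE, EDITED):
        print(total_trusting_hidden_field(body), total_from_catalog(body))
```

Because the hardened handler never uses the posted price for the total, a hidden price field can stay in the page for display purposes without being trusted.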

Viewing: ASP Free Forums > Web Design > Site Reviews > Www.acotis.co.uk

