|
HTML - 8e6 R3000 Filtering
I am curious as to how one would get past this certain filtering software. It blocks HTTPS connections (stupidly enough) and I discovered some intriguing information here. Have a look.
http://www.securiteam.com/securitynews/5ZP021PP5Y.html Quote: Vulnerable Systems: * 8e6 Technologies R3000 version 2.0.12.10 The HTTP URL filtering function provided by the 8e6 Technologies R3000 Internet Filter contains a vulnerability in that it can mistake a properly formed custom header for the Host header. This can be exploited for bypassing the filter by providing an allowed site in the custom header. Examples: GET / HTTP/1.0 X-DecoyHost: www.allowed.org Host: www.blocked.org GET / HTTP/1.0 X-Decoy: Host: www.allowed.org Host: www.blocked.org This weakness cannot be leveraged for circumventing blocks based on IP addresses (as opposed to DNS names). What does that code mean, and how can I use it to my advantage? Similar TutorialsHi everyone, I'd like to implement a good filtering system for a large HTML table I've got. The idea would be for potential customers and staff to be able to easily filter by destination or departure location. Current table: http://www.diveadventures.com.au/pages/Group_Dep.htm Hello, I have the following data in a text file which then the page reads and displays on a table. ,Event,Member,Time ,3k Run,Tom Heather,9.25 ,3k Run,Alex Peck,9.50 ,3k Run,Leith Sahla,8.20 ,3k Run,Cassie Davis,8.40 ,3k Run,Holly Calender,10.23 ,3k Run,Alex Plunkett,10.45 ,3k Run,Joe Rugg,9.44 ,3k Run,Ben Frere,9.55 ,5k Cycle,Tom Heather,10.45 ,5k Cycle,Louise Peak,11.07 ,5k Cycle,John blackhall,10.22 ,5k Cycle,Frank Kelly,10.56 ,5k Cycle,Sophie Mayo,9.55 ,5k Cycle,Steven Collins,10.37 I have a table which displays this data on my page and then i want to produce a separate table which produces the fastest time for the 3k Run and 5K Cycle events. I figure you have to use the <PARAM NAME="Filter" VALUE="fieldname = value"> but stuck from here really. Some help would be greatly appreciated, Thanks The page code is below <!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd"> <html xmlns="http://www.w3.org/1999/xhtml"> <head> <meta http-equiv="Content-Language" content="en-gb" /> <meta http-equiv="Content-Type" content="text/html; charset=utf-8" /> <title>Contact Us</title> <style type="text/css"> .style1 { text-decoration: underline; font-family: Arial, Helvetica, sans-serif; } </style> </head> <body> <table style="width: 72%; height: 7px"> <tr> <td> <p class="style1"><strong>Member Competitions </strong></p> </td> </tr> </table> <OBJECT ID = "data" CLASSID = "CLSID:333C7BC4-460F-11D0-BC04-0080C7055A83"> <PARAM NAME = "DataURL" VALUE = "data.txt"> <PARAM NAME = "UseHeader" VALUE = "TRUE"> <PARAM NAME = "FieldDelim" VALUE = ","> </OBJECT> <TABLE DATASRC = "#Data" STYLE = "border-style: ridge; border-color: #666666; background-color: #58595b"> <THEAD><TR STYLE = "background-color: 58595b"> <TH style="width: 164px">Event</TH> <TH style="width: 158px">Member</TH> <TH style="width: 149px">Time</TH> </TR></THEAD> <TBODY> <TR STYLE = "background-color: lightsteelblue"> <TD style="width: 164px"><SPAN DATAFLD = "Event"></SPAN></TD> <TD style="width: 158px"><SPAN DATAFLD = "Member"></SPAN></TD> <TD style="width: 149px"><SPAN DATAFLD = "Time"></SPAN></TD> </TR> </TBODY> </TABLE> <p class="style1"></p> </body> </html> How can I filter the file to be uploaded from the brose dialog. In particular I have tow buttons upload image , upload txt. and <input type="file" id="forImageUpload"> <input type="file" id="forTextUpload"> How can I make sure that when I click forImageUpload in the browse dialog only image files(like *.jpg , *.gif) are listed or shown. How can I make sure that when I click forTextUpload iin the browse dialog only image files(like *.txt) are listed or shown. Thanks. |
|||||||