Re: Is it possible to run a command on the client computer ?

navti wrote:
On May 25, 5:13 am, Andrew Thompson <andrewtho...@xxxxxxxxx> wrote:
On May 25, 7:39 am, navti <nav...@xxxxxxxxx> wrote:

On May 24, 10:16 pm, -Lost <maventheextrawo...@xxxxxxxxxx> wrote:>
navti wrote:
it all happened automatically without any intervention. i was
using win2k and ie6 at the time. i have since switched to mac os
x.
...
if ((JVM_vers[0]!=0)&&(JVM_vers[2]<3810))
{ ExploitNumber=1; }
else // if JVM = 5.0.3810.0 or higher

The (dreaded) MSVM.
<snipped/>

he stole my files . i know this for a fact.
why would you think it was otherwise ? have you been living down a
mineshaft for the past 5 years ? never heard of xss ? are you in some
sort of state of denial ?
only an ignoramus would try and deny it was possible for a webserver
to compromise a client's machine.

my mistake is thinking javascript was enough . obviously it was a
combination of javascript, java, activex , php , xml etc etc

JavaScript, php, xml and etc. does not have *anything* to do with it!

The only way a webserver can compromise a client in the way you described
is eiter:
1.) A signed Java Applet where you explicitly have ansvered "Yes" when
asked if you wanted to let the applet run.
2.) A signed ActiveX control where you explicitly have ansvered "Yes"
when
asked if you wanted to let the control run.
3.) Any ActiveX control, and you have the security settings of your
browser
wide-open.

Neither PHP nor JavaScript is able to access your files.

--
Dag.


.

Relevant Pages

  • XMLHttpRequest and AJAX for PHP programmers
    ... Although the concept isn't entirely new, XMLHttpRequest technology is ... There are too many PHP programmers avoiding any ... work with javascript beyond simple form validation, ...
    (comp.lang.php)
  • VB6 OR VBA & Webbrowser DOM Tiny $50 Mini Project Programmer help
    ... Job is to convert that JAVASCRIPT code into SIMPLE VBA code ... Here's a bookmarklet that will tell you whether or not the browser ... JS sends request to the server (to a PHP script) ... This is the PHP script. ...
    (microsoft.public.vb.controls.internet)
  • VB6 OR VBA & Webbrowser DOM Tiny $50 Mini Project Programmer help
    ... Job is to convert that JAVASCRIPT code into SIMPLE VBA code ... Here's a bookmarklet that will tell you whether or not the browser ... JS sends request to the server (to a PHP script) ... This is the PHP script. ...
    (microsoft.public.inetsdk.programming.webbrowser_ctl)
  • VB6 OR VBA & Webbrowser DOM Tiny $50 Mini Project Programmer help wanted
    ... Job is to convert that JAVASCRIPT code into SIMPLE VBA code ... Here's a bookmarklet that will tell you whether or not the browser ... JS sends request to the server (to a PHP script) ... This is the PHP script. ...
    (microsoft.public.vb.6.webdevelopment)
  • Re: How do we get there from here?
    ... > 'AJAX approach'? ... I am using php and ajax, ... linked to the page back to the server, which could be a php script. ... but is not an entire page) to the JavaScript. ...
    (comp.databases.pick)
Loading