Scratch

GeonoTRON2000 · 2012-03-25 22:37:26

I'm making my own antidote script.
It should be done in less than an hour.
Here's what it will support:

[flash]flash_url_here[/flash]
[youtube]id[/youtube]
[scratch=flash]GeonoTRON2000/2416215[/scratch]

Last edited by GeonoTRON2000 (2012-04-06 21:12:56)

GeonoTRON2000 · 2012-03-25 23:11:03

It's done!
Download here: http://www.cfagency.org/antidote.user.js
EDIT: HTML has been disabled.
ENJOY!

Last edited by GeonoTRON2000 (2012-03-26 10:34:39)

nathanprocks · 2012-03-26 01:30:13

GeonoTRON2000 wrote:
It now passively enables HTML.
For example:
<input type="text" value="You can't do this in BBCode." />

This is very insecure. That is why Rookwood101 didn't put that in his code (and also made it hard to hack the tags to add code too).

GeonoTRON2000 · 2012-03-26 10:03:25

nathanprocks wrote:
GeonoTRON2000 wrote:
It now passively enables HTML.
For example:
<input type="text" value="You can't do this in BBCode." />
This is very insecure. That is why Rookwood101 didn't put that in his code (and also made it hard to hack the tags to add code too).

Wassa da matta? Afraid of a little IFrame?

Hardmath123 · 2012-03-26 10:13:03

Squawkers13 · 2012-03-26 10:28:58

It can embed projects...
<tested>

Last edited by Squawkers13 (2012-03-26 10:29:39)

ZeroLuck · 2012-03-26 10:45:12

GeonoTRON2000 wrote:
Wassa da matta? Afraid of a little IFrame?

You can embed a script which posts automatical things on the forums and other bad things...

zippynk · 2012-03-26 10:49:12

[img]http://4.bp.blogspot.com/-_oUAdpmJXpM/T0rtXW6f5OI/AAAAAAAAC0A/YH8l3SEFo-k/s1600/testing-testing-123.jpg onload=javascript:alert("If you're seeing this in an alert box, the userscript isn't secure.");[/img]

Edit: I don't see an alert box. I guess it's secure.

Last edited by zippynk (2012-03-26 10:52:34)

LS97 · 2012-03-26 11:04:40

Hardmath123 wrote:
<script type="text/javascript">
while(true)
{
alert("Nah, just this sort of thing.");
}
</script>

That's why you use Chrome -- it blocks multiple dialogue boxes! big_smile

scimonster · 2012-03-26 11:12:42

LS97 wrote:
Hardmath123 wrote:
<script type="text/javascript">
while(true)
{
alert("Nah, just this sort of thing.");
}
</script>
That's why you use Chrome -- it blocks multiple dialogue boxes!

FF gives you the option to stop them, but sometimes you want a few. tongue

zippynk wrote:
http://4.bp.blogspot.com/-_oUAdpmJXpM/T … e.')"

Edit: I don't see an alert box. I guess it's secure.

Try now.

Squawkers13 · 2012-03-26 20:05:04

<image>
http://4.bp.blogspot.com/-_oUAdpmJXpM/T0rtXW6f5OI/AAAAAAAAC0A/YH8l3SEFo-k/s1600/testing-testing-123.jpg onload=javascript:alert("If you're seeing this in an alert box, the userscript isn't secure.");
<image>

GeonoTRON2000 · 2012-03-26 22:09:17

Squawkers13 wrote:
<image>
http://4.bp.blogspot.com/-_oUAdpmJXpM/T0rtXW6f5OI/AAAAAAAAC0A/YH8l3SEFo-k/s1600/testing-testing-123.jpg onload=javascript:alert("If you're seeing this in an alert box, the userscript isn't secure.");
<image>

Actually, the BBCode is img, and so is the HTML tag.
[img]http://4.bp.blogspot.com/-_oUAdpmJXpM/T0rtXW6f5OI/AAAAAAAAC0A/YH8l3SEFo-k/s1600/testing-testing-123.jpg onload=javascript:alert("If you're seeing this in an alert box, the userscript isn't secure.");[/img]

GeonoTRON2000 · 2012-03-27 10:33:23

New scratch tag in the new version!

Code:

[scratch=flash]user/projectId[/scratch]

Last edited by GeonoTRON2000 (2012-04-12 23:09:09)

rookwood101 · 2012-03-27 11:13:29

Do you think you could not call it antidote?

And also I don't see why you feel the need to remake something that has already been made, without adding any new features (well a few but not many) and it writing such an insecure version.

Last edited by rookwood101 (2012-03-27 11:15:03)

rookwood101 · 2012-03-27 11:18:55

[img]http://www.silentrunners.org/graphics/sr/sr_5.gif" onload="alert('If you\'re seeing this in an alert box, the userscript isn\'t secure. Your password cookie: ' + document.cookie + 'I could quite easily send this to a third party source');[/img]

Last edited by rookwood101 (2012-03-27 11:24:38)

roijac · 2012-03-27 11:47:08

[img]" /><img src="http://i.imgur.com/7lUPz.png" onload="while(true){alert('remove the script!')};" style="max-width: 510px;[/img]

Last edited by roijac (2012-04-07 16:17:23)

rookwood101 · 2012-03-27 11:53:34

roijac wrote:
http://www.w3schools.com/images/icon_do … cript!')};

lol

GeonoTRON2000 · 2012-03-27 20:18:15

Teehee. New version. All onloads disabled.

lallaway12 · 2012-03-28 00:51:01

hmm I will try this

roijac · 2012-03-28 01:36:50

GeonoTRON2000 wrote:
Teehee. New version. All onloads disabled.

teehee. new image onload version. your code is still unsecure.

nathanprocks · 2012-03-28 01:40:02

GeonoTRON2000 wrote:
Teehee. New version. All onloads disabled.

Did you disable the <script /> and <iframe />? (Yes, in-line frames can run JS too lol.)

GeonoTRON2000 · 2012-03-28 10:35:47

This discussion is continued here: http://geonotron.net84.net/forums/viewt … =6&t=3

rookwood101 · 2012-03-28 10:41:45

GeonoTRON2000 wrote:
This discussion is continued here: http://geonotron.net84.net/forums/viewt … =6&t=3

Why?

lallaway12 · 2012-03-28 11:08:19

close topic

GeonoTRON2000 · 2012-03-28 18:27:02

rookwood101 wrote:
GeonoTRON2000 wrote:
This discussion is continued here: http://geonotron.net84.net/forums/viewt … =6&t=3
Why?

'Cuz this might be considered spam or something and this topic is likely to be closed.

Scratch

archived forums

#1 2012-03-25 22:37:26

My new antidote script

#2 2012-03-25 23:11:03

Re: My new antidote script

#3 2012-03-26 01:30:13

Re: My new antidote script

GeonoTRON2000 wrote:

#4 2012-03-26 10:03:25

Re: My new antidote script

nathanprocks wrote:

GeonoTRON2000 wrote:

#5 2012-03-26 10:13:03

Re: My new antidote script

#6 2012-03-26 10:28:58

Re: My new antidote script

#7 2012-03-26 10:45:12

Re: My new antidote script

GeonoTRON2000 wrote:

#8 2012-03-26 10:49:12

Re: My new antidote script

#9 2012-03-26 11:04:40

Re: My new antidote script

Hardmath123 wrote:

#10 2012-03-26 11:12:42

Re: My new antidote script

LS97 wrote:

Hardmath123 wrote:

zippynk wrote:

#11 2012-03-26 20:05:04

Re: My new antidote script

#12 2012-03-26 22:09:17

Re: My new antidote script

Squawkers13 wrote:

#13 2012-03-27 10:33:23

Re: My new antidote script

Code:

#14 2012-03-27 11:13:29

Re: My new antidote script

#15 2012-03-27 11:18:55

Re: My new antidote script

#16 2012-03-27 11:47:08

Re: My new antidote script

#17 2012-03-27 11:53:34

Re: My new antidote script

roijac wrote:

#18 2012-03-27 20:18:15

Re: My new antidote script

#19 2012-03-28 00:51:01

Re: My new antidote script

#20 2012-03-28 01:36:50

Re: My new antidote script

GeonoTRON2000 wrote:

#21 2012-03-28 01:40:02

Re: My new antidote script

GeonoTRON2000 wrote:

#22 2012-03-28 10:35:47

Re: My new antidote script

#23 2012-03-28 10:41:45

Re: My new antidote script

GeonoTRON2000 wrote:

#24 2012-03-28 11:08:19

Re: My new antidote script

#25 2012-03-28 18:27:02

Re: My new antidote script

rookwood101 wrote:

GeonoTRON2000 wrote:

Board footer