Previous Thread
Next Thread
Print Thread
Hop To
#243840 06/11/2011 2:32 PM
Joined: Apr 2011
Posts: 136
S
member
member
S Offline
Joined: Apr 2011
Posts: 136
Does anybody know how this person got past the limit for subject text?

[Linked Image from anony.ws]

Joined: Dec 2003
Posts: 6,628
Likes: 85
Joined: Dec 2003
Posts: 6,628
Likes: 85
Must be a different forum than the url you gave me before.
But anyway possibly you have html enabled for that board


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
Joined: Apr 2011
Posts: 136
S
member
member
S Offline
Joined: Apr 2011
Posts: 136
I looked at the source but I didnt see any HTML changes in the span



<span id="subject0">megapixel game site megapixels memory cards megapixels 14 conversion megapixels to megabytes canon cameras 12.1 megapixels megapixels studio rates megapixel and photo size megapixels and image sizes kodak 12.2 megapixels md41 megapixel lens calculator megapixel video camera bold 9700 megapixels megapixels 12.1 how many megapixels do i need for a poster megapixels memory chart</span>
</b>


Joined: Dec 2003
Posts: 6,628
Likes: 85
Joined: Dec 2003
Posts: 6,628
Likes: 85
Not sure where you got that from.
Possibly view source in a browser?
But it is html
and
<span id="subject0">
does not look native to ubb.
Try editing the post and see if you can see what is embedded in the topic and post.


Blue Man Group
There is no such thing as stupid questions. Just stupid answers
Joined: Apr 2011
Posts: 136
S
member
member
S Offline
Joined: Apr 2011
Posts: 136
its not on my site so I don't have the privileges to edit it.

here is the site

http://forum.surfermag.com/forum/postlist.php?Cat=0&Board=UBB1&page=0

Last edited by ShiftKnowledge; 06/11/2011 4:21 PM.
Joined: Jul 2006
Posts: 2,143
Pooh-Bah
Pooh-Bah
Joined: Jul 2006
Posts: 2,143
version 6.5 is pretty put of date. Currently the topic title field in the database is varchar(255). I suspect it was back then too. Any restrictions in topic length via the form can be bypassed, and there surely was nothing in the actual scripts back then that would have limited it.

In other words, no, it wasn't hacked.

Last edited by David Dreezer; 06/11/2011 5:24 PM.

This thread for sale. Click here! [Linked Image from navaho.infopop.cc]
Joined: Apr 2011
Posts: 136
S
member
member
S Offline
Joined: Apr 2011
Posts: 136
I know from experience that you can only use about 40 chars or less for the subject title so its got to be a script.

Joined: Apr 2007
Posts: 3,940
Likes: 1
SD Offline
Former Developer
Former Developer
Joined: Apr 2007
Posts: 3,940
Likes: 1
fairly easy to hack 6.5, or if you will, bypass perceived safety of the forum software and break the rules...

matter of fact, up until 7.4 there were some holes that could be breached.

wink

Joined: Apr 2011
Posts: 136
S
member
member
S Offline
Joined: Apr 2011
Posts: 136
so you are saying its probably very easy to get admin passwords etc as well?

Joined: Apr 2007
Posts: 3,940
Likes: 1
SD Offline
Former Developer
Former Developer
Joined: Apr 2007
Posts: 3,940
Likes: 1
i know there was a flaw in how certain form submitted data was handled.

rather than go into details, the prudent thing would be to upgrade to 7.5.6, imho

then there are no questions

and 'very easy' is a relative term. 'joe blow' off the street would never get in, but....... you get the drift..


Link Copied to Clipboard
ShoutChat
Comment Guidelines: Do post respectful and insightful comments. Don't flame, hate, spam.
Recent Topics
Not allowing attachment over 2m
by ehill - 12/03/2024 3:16 PM
New Admin Here
by SenecaFlyer - 12/02/2024 4:14 PM
Post Counts zeroed out
by Baldeagle - 11/03/2024 3:05 PM
Who's Online Now
0 members (), 1,448 guests, and 60 robots.
Key: Admin, Global Mod, Mod
Random Gallery Image
Latest Gallery Images
Los Angeles
Los Angeles
by isaac, August 6
3D Creations
3D Creations
by JAISP, December 30
Artistic structures
Artistic structures
by isaac, August 29
Stones
Stones
by isaac, August 19
Powered by UBB.threads™ PHP Forum Software 8.0.1
(Snapshot build 20240918)