Author Topic: Memorial Thread [Goodbye formatted topics....] (Read 2759 times)

Conan · May 12, 2018, 04:03:00 PM

For all those who have fallen in the latest ban spree. RIP in peace blockheads...

https://forum.blockland.us/index.php?topic=318867.msg9864687#msg9864687

Quote from: SwollowBot on May 12, 2018, 04:14:25 PM

it involved the table and the list elements in conjunction
ie something like this to get the text out of a few table elements
[list][list][list][table][tr][td][/list]
[list][table][tr][td][/list][/td][/tr][/table]
[list][table][tr][td][/list][/td][/tr][/table]Hey[/list][/list]

had nothing to do with it and if anything you should just remove the list element since lists can be made with bullet point characters

in other words: [table ] and now do not work

Ad Bot · Advertisement

EcstaticEggplant · May 12, 2018, 04:03:36 PM

anyone wanna explain the exploit now that its fixed?

The Murderous Cop · May 12, 2018, 04:03:45 PM

http://badspot.us/Incendiary.html

Maxwell. · May 12, 2018, 04:04:09 PM

hello

thatguysebi · May 12, 2018, 04:04:17 PM

Ahead · May 12, 2018, 04:05:03 PM

Quote from: EcstaticEggplant on May 12, 2018, 04:03:36 PM

anyone wanna explain the exploit now that its fixed?

Quote from: Badspot on May 12, 2018, 04:01:08 PM

To "fix" this issue, I have removed 'table', 'tr', and 'td' from the bbcode parser. I don't know if this is enough. As far as I can tell, the exploit just involves a bunch of tags screwing up the page layout and does not allow for arbitrary html injection. If arbitrary code injection is possible, please notify me immediately.

I have banned the following people permanently for using the exploit to forget up otherwise functioning threads:
lykakspars
Punished Kidalex90
simpletonnn
maxxxx
zelau
Rally
thegoodperry

I have banned the following people for the standard one week for participating in the spam thread or messing up their profile:
K3k0m@n
Pecon
Swollow
two and a half limericks
Gytyyhgfffff
Copy Kirby
Parlydogs22

EDIT: Just realized Badspot's quote was linked in OP. Oops.

EcstaticEggplant · May 12, 2018, 04:05:39 PM

Quote from: Ahead on May 12, 2018, 04:05:03 PM

i mean explain how it worked. like how did they use these tags to forget up the layout so much?

Fire Vine · May 12, 2018, 04:05:50 PM

end times are near

failbros2 · May 12, 2018, 04:06:06 PM

press f to pay respects idk

Ahead · May 12, 2018, 04:06:45 PM

Quote from: EcstaticEggplant on May 12, 2018, 04:05:39 PM

i mean explain how it worked. like how did they use these tags to forget up the layout so much?

The table, tr and td tags allowed for a user to mess with the layout of the page, so you could have, for example, an image on a user's profile be at the top before the actual profile layout was created.

People were using the tags to put huge text on top of pages, etc.

Conan · May 12, 2018, 04:06:48 PM

Quote from: EcstaticEggplant on May 12, 2018, 04:05:39 PM

i mean explain how it worked

something like

Code: [Select]

[list][table][/table][/list]
test

torin� · May 12, 2018, 04:07:29 PM

rally didnt deserve a perma

EcstaticEggplant · May 12, 2018, 04:09:02 PM

Quote from: Ahead on May 12, 2018, 04:06:45 PM

The table, tr and td tags allowed for a user to mess with the layout of the page, so you could have, for example, an image on a user's profile be at the top before the actual profile layout was created.

People were using the tags to put huge text on top of pages, etc.

Quote from: Conan on May 12, 2018, 04:06:48 PM

something like
Code: [Select]
[list][table][/table][/list]

i saw all the havoc it caused but i wanna know how they actually did it. or were people literally just spamming tags until it forgeted the html up somehow?

Conan · May 12, 2018, 04:10:39 PM

Quote from: EcstaticEggplant on May 12, 2018, 04:09:02 PM

i saw all the havoc it caused but i wanna know how they actually did it. or were people literally just spamming tags until it forgeted the html up somehow?

what i posted was part of the contents of one of the posts by zealu on the "forget up this topic" thread prior to the forums going down for maintenance

Fire Vine · May 12, 2018, 04:11:29 PM

rip matthews threads