Re: [xsl] xsl as a hacker's tool

Subject: Re: [xsl] xsl as a hacker's tool
From: "Colin Findlay" <colin@xxxxxxxxx>
Date: Fri, 12 Apr 2002 15:23:02 +0100
Why not just download them??

http://sa.windows.com/transform.xsl

Col.
----- Original Message -----
From: "Bryan Rasmussen" <bry@xxxxxxxxxx>
To: <xsl-list@xxxxxxxxxxxxxxxxxxxxxx>
Sent: Friday, April 12, 2002 1:59 PM
Subject: [xsl] xsl as a hacker's tool


>
> anyone read this?
> http://www.theregister.co.uk/content/4/24815.html
>
> it says that win-xp on executing a search downloads the following xsls
>
> transform.xsl
> balloon.xsl
> prevectr.xsl
> vector.xsl
> boolean.xsl
> pretrans.xsl
> transform.xsl
>
> why transform is repeated no idea, since I don't have XP can someone who
> does send me these or post them or would this be illegal in our present
day
> world. I'm not gonna do this but it strikes me that bad people could maybe
> write an exploit, manage to point the search at their own address instead
of
> http://sa.windows.com/ and then downloading their own xsls, these xsls
would
> hold ms namespace extensions and Oh boy!
>
>
>  XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list


 XSL-List info and archive:  http://www.mulberrytech.com/xsl/xsl-list


Current Thread