Firefox AJAX Security Risk

By | June 28, 2006

While developing Zlap, I accidentally ran my test HTML file from my local machine. I was using XMLHttpRequest(), commonly used in AJAX software, which is built into Firefox. The request I was making was to a PHP file that was also on my local machine, and it returned the full contents of said file.

Upon further examination, I discovered I could pull any file from any directory and have it displayed on the machine. I also tried to replicate this after uploading the test file to my server; luckily, it failed.

What's the big deal? I can't remotely execute the file, so we're all safe. Well, sort of. If I can get you to open a perfectly safe HTML file on your machine, I can access your entire system. That's right, I can get the directory structure, the files and all the contents of those files.

I can execute this script without you knowing. I can upload the contents of files to my server without you knowing. All I need to do is get you to run a simple HTML file.
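
The difference between the local run and the server run described above comes down to how the request URL resolves against the page's own URL. The following is an added example, not code from the original post: the paths, the host `example.test` and the classification labels are constructed for illustration, and the policy it models is a hypothetical one, not Firefox's implementation.

```javascript
// Added illustration: where does an XMLHttpRequest URL land, given how the
// page itself was loaded? Labels and policy are hypothetical, for teaching.

// Browsers resolve a request URL relative to the document URL.
function resolveTarget(documentUrl, requestUrl) {
  return new URL(requestUrl, documentUrl);
}

// Classify one request so a reviewer can see which ones touch the local disk.
function classifyRequest(documentUrl, requestUrl) {
  const doc = new URL(documentUrl);
  const target = resolveTarget(documentUrl, requestUrl);

  if (target.protocol !== 'file:') {
    // A page opened from disk that talks to a server is the channel the post
    // describes for sending file contents elsewhere.
    return doc.protocol === 'file:' ? 'local-page-to-network' : 'network';
  }
  // A page served over HTTP(S) must never be able to read file: URLs.
  if (doc.protocol !== 'file:') return 'blocked-remote-to-local';

  // Both are file: URLs. A strict policy would at most allow the page's own
  // directory; anything outside it is the exposure described in the post.
  const docDir = doc.pathname.slice(0, doc.pathname.lastIndexOf('/') + 1);
  return target.pathname.startsWith(docDir)
    ? 'local-same-directory'
    : 'local-outside-directory';
}

// Constructed samples: the same test page opened from disk and from a server.
const LOCAL_PAGE = 'file:///home/user/zlap/test.html';
const SERVED_PAGE = 'https://example.test/zlap/test.html';

function report() {
  const samples = [
    [LOCAL_PAGE, 'test.php'],
    [LOCAL_PAGE, '../private/notes.txt'],
    [LOCAL_PAGE, 'https://example.test/collect'],
    [SERVED_PAGE, 'test.php'],
    [SERVED_PAGE, 'file:///home/user/private/notes.txt'],
  ];
  return samples.map(([doc, req]) =>
    `${classifyRequest(doc, req)}: ${doc} -> ${resolveTarget(doc, req).href}`);
}

console.log(report().join('\n'));
```

The relative request `test.php` resolves to a `file:` URL when the page is opened from disk, so the raw PHP source comes back, while the same request from the served page resolves to the server, which is why the behaviour did not reproduce there.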

