889
Comment:
|
949
|
Deletions are marked like this. | Additions are marked like this. |
Line 16: | Line 16: |
1. [[http://www.sdii.com/Falling-Dominos-FAQ-1.0.PDF]] |
Web Exploration
- Firefox tricks
- Open page, and the in the address bar enter
javascript:alert(document.cookie)
to see the cookies.
- Lotus Notes
javascript:void(document.forms[0].submit())
will save a web form even if you have hidden the Save button!- catalog.nsf database obviously gives you a list of other databases that you can then look at.
Another interesting database is the Name & Address book (typically /names.nsf)
Depending on the version of Domino is running, you can try accessing the hidden $Users view of the Name & Address book. This view contains the unsalted HTTP password hashes of all the users. You would typically look for http://noteshost/names.nsf/$Users
- Open page, and the in the address bar enter
...