949
Comment:
|
1037
|
Deletions are marked like this. | Additions are marked like this. |
Line 17: | Line 17: |
1. [[http://www.codestore.net/store.nsf/unid/BLOG-20031110|Change Notes db ACL]] |
Web Exploration
- Firefox tricks
- Open page, and the in the address bar enter
javascript:alert(document.cookie)
to see the cookies.
- Lotus Notes
javascript:void(document.forms[0].submit())
will save a web form even if you have hidden the Save button!- catalog.nsf database obviously gives you a list of other databases that you can then look at.
Another interesting database is the Name & Address book (typically /names.nsf)
Depending on the version of Domino is running, you can try accessing the hidden $Users view of the Name & Address book. This view contains the unsalted HTTP password hashes of all the users. You would typically look for http://noteshost/names.nsf/$Users
- Open page, and the in the address bar enter
...