View Full Version : How is this done? Changing file permissions through Javascript?

12-03-2005, 05:12 AM
I'm trying to figure out how this is working, I haven't been able to duplicate it using my own server.

Try to access this file:

You should get Access Denied, 403 error. Ok, that's fine. But now, go to this page:

Click on the image on right side. It will replace the picture with a small flash movie, when that finished playing, the movie will be replaced with an image of a letter. The thing is, the page never changes or refreshes, this is all done in javascript (you can view the source).

Basically, what happens is when you click on the image, it calls a function that displays the flash file. I decompiled the flash file, and all it does, is at the end, call one of the other javascript functions, which replaces the image holder with the letter image. The actual functions are a bit tricky, because they are trying to hide how they do it, but it isn't hard to figure out. (the functions basically take a string of numbers at the bottom of the source, and ASCII decode them, then reverse them to get the URLs of the flash movie adn letter graphic).

My question is, how is the letter being shown at the end? The file permissions haven't changed. How is it denied if you try to access it directly, but the javascript is able to display it. Note, after you have the letter on your screen, you should be able to paste the link above into that window and access the letter.

I've tried duplicating this on my server, but when the script tries to replace the SRC of the image holder, if the file I am trying to replace it with has no READ permission for OTHER, then it will just display a broken image link.

The reason I'm trying to figure this out, is because I know the name of another image file on that server, but permission is restricted. I'm wondering how I am able to see this letter, even though it is restricted, because then perhaps I could figure out how to access the other file that I know exists on the server.

Any ideas on how the file doesn't allow read permission, but then is allowed to display when the script replaces the SRC? If you look at the source of that page, this is the only part that is really important:

function load(u) {
getElement('p').style.visibility = "hidden";
getElement('display').style.visibility = "visible";
getElement('cover').style.visibility = "visible";
document.images['holder'].src = u;

The other stuff gets you to the "u" variable, which is the path to the letter - the value of 'u' when the function is called is 'image/gholtr_2.gif'. So, the script then hides one layer, makes two other layers visible, and then replaces the image id 'holder' src with the value of 'u'. My question is, how is it able to show an image that seems to have restricted file permissions?

12-03-2005, 05:48 AM
You can also see this working on another page (which uses the same code, but is a little easier to follow).

If you try to access this image:

You should get access denied, 403 error. However, if you go here:

And enter 'Copenhagen' (with out the quote marks, and with a capital C, lower case everything else) in the text box and hit SUBMIT, it will display another letter (the one I just linked above). Now if you copy and paste the direct url to the letter, you should be able to access the image.

Again, how is it that the file permission on the image is restricted, yet the javascript is able to load it via replacing the SRC value? I haven't been able to duplicate this on my own server.