Topic: "<meta name="verify-v1" content="[base64string]">" (page 1 of 1)

Author Post
aceldama
just wondering whether anyone has messed around with this yet, and more importantly whether anyone figured out what exactly goes into this meta tag data. (if you're not familiar with it, click here)
private message
alt3rn4tiv3
never played with it because i thought it doesn't really have any security-related significance.

iirc, there are two ways to verify that you own a domain -
1. upload a file
2. include a meta tag with a unique value in the index page

both ways will not disrupt the loading of the site.

the meta tag's probably used because it's pretty much the only tag that can be accepted in the <head> tag and won't make any modifications to how the page looks. and the b64 string is probably just a unique one-time identifier. if you do find out anything, however, do let me know :)
private message EMail Website
aceldama
as always, i will keep my head down and keep sifting through the rubbish. i was kinda hoping that my fear of it being nothing more than a one-time-id wouldn't be affirmed, but i guess it can't be helped. if you google that though, you'll find a lot of broken pages (esp php and aspx) where the source code is clearly visible. some intentional, but others not. :devil3: generally, if a page works, it doesn't show up in searches, so a broken page does. a bit off the main issue, but nice nonetheless.
private message
DigitalAcid
One time I could exploit a site that was using Base64.
I think it was the username which got encrypted or something, so regular characters didn't work.
But, the solution was simple.
I encoded some characters and it worked because the site decrypted them again into regular characters =).
private message EMail
aceldama
on the same subject as DA, there is a base64 converter site which, up until a while ago, was vulnerable to a pipe attack. (you know, pipe - | ). it was quite amusing because i was just converting strings given by an application called raysource (some of you might be familiar with it - a p2p app for wares, movies, clips etc). the site admins have since been informed (by me) and the issue fixed, so i don't think it's necessary to censor that the site was http://www.motobit.com/util/base64-decoder-encoder.asp

so the hack, in short:

if you encoded the string
i would be a god amongst mortals| if only it weren't for you
it would return the correct result of
aSB3b3VsZCBiZSBhIGdvZCBhbW9uZ3N0IG1vcnRhbHN8IGlmIG9ubHkgaXQgd2VyZSdudCBmb3IgeW91
but if you decoded it, it would only return the first portion of the string which is
i would be a god amongst mortals
so after a bit of scratching my head and wondering why the web app returned the wrong result *consistently*, i realized how fatal the issue really was and that encoding and decoding
test|ls
gave me the directory structure...

...so moral of the story - isn't it funny how it is as easy to overlook the hidden as it is to overlook the obvious?
private message
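An added example (not part of the original posts, and not the site's code): a regression check a service owner could run against their own decoder, built on the symptom described in the post above, where decoded output stopped at the `|`. It goes beyond the pipe to other shell metacharacters. `decode_in_process`, `audit_decoder` and `truncating_decoder` are hypothetical names, the canary strings are constructed, and the thread does not say how the site actually invoked its decoder.

```python
import base64

# Characters a command interpreter (cmd.exe or a POSIX shell) treats specially.
SHELL_META = set("|&;<>^`$\n")


def canaries():
    """Constructed, harmless probe strings: plain text around one metacharacter."""
    return [f"left{c}right" for c in sorted(SHELL_META)]


def decode_in_process(b64_text):
    """Hardened form: decode with the library, never via a command line.

    validate=True rejects characters outside the base64 alphabet instead of
    silently skipping them.
    """
    return base64.b64decode(b64_text, validate=True).decode("utf-8")


def audit_decoder(decode):
    """Return (expected, got) pairs for every canary `decode` fails to round-trip.

    A decoder that only handles data returns each canary unchanged. Output that
    is cut short or altered at a metacharacter means the decoded text is being
    interpreted somewhere, which is the symptom the post describes.
    """
    failures = []
    for text in canaries():
        encoded = base64.b64encode(text.encode("utf-8")).decode("ascii")
        try:
            got = decode(encoded)
        except Exception as exc:  # a crash on a canary is also a finding
            got = f"<error: {type(exc).__name__}>"
        if got != text:
            failures.append((text, got))
    return failures


def truncating_decoder(b64_text):
    """Stand-in that reproduces only the reported symptom (output ends at the
    first pipe). It runs no command; it exists so the audit has a failing case."""
    return decode_in_process(b64_text).split("|", 1)[0]


if __name__ == "__main__":
    print("in-process decoder:", audit_decoder(decode_in_process))
    print("truncating decoder:", audit_decoder(truncating_decoder))
```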
Degenerate
Unusual to see .asp being hosted on a linux box..
private message
aceldama
sorry - my mistake. you're right, it should've read test|dir. thanks for pointing it out :teach2:
private message
Degenerate
Oh, ok :)

I since looked it up and there are some ways of hosting asp on *nix, which I didn't realise :)
private message
aceldama
no, i do recall it being a "dir" string, though i tried ls first. "'ls' is not recognized as an internal or external command, operable program or batch file." kinda gave it away at that point. the error in my initial post was a mistake through haste, which happens all too easily. but i'm sure there would be emulators, or some other means through which it might be possible.
private message
