Jump to content

Hacking www.davidsbridal.com


Recommended Posts

Posted

Meh, so I was bored and a friend of mine pointed me towards a link to www.davidsbridal.com, which redirected me to a page to sign in.

Within the sign on page, information was linked to the store ID, and catalog ID, just for info.

After viewing the source on there, I plugged in this link:

http://www.davidsbridal.com/webapp/wcs/sto...999999999%22(1)

Which informed me nicely,

[ServletException in:/DBI/CatalogSection/Category/DressYourWeddingLogInBody.jsp] null'

Under this page in the source code, I noticed a link that pointed me towards a page they had apparently used before upgrading to the index page here, (at least I assume that's what it's there for, considering the left pane is gone)

http://www.davidsbridal.com/webapp/wcs/sto...catalogId=10051

In the source code on this page, was a link to their main.css layout, which has URL handles for quite a bit of stuff.

http://www.davidsbridal.com/wcsstore/DBI/s...-print/main.css

The point, is really nothing but checking out their information, I'm sure someone could go a lot further than this if they wanted to, but I thought I'd point out some of the interesting ways they have their page set up.

Posted

...no, it has urls for other css layouts, all this can be seen in ff view source. The exception handle is what you should be concerned with because that is where you will "try" to sneak some code in ajax

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

  • Recently Browsing   0 members

    • No registered users viewing this page.
×
×
  • Create New...