|
||||||||
On Mon, 2004-12-27 at 18:23, Chris Buechler wrote: > On Mon, 27 Dec 2004 15:01:25 +0100, Adam Nellemann <adam at nellemann dot nu> wrote: > > > > Since it would appear that m0n0wall does not use the type of > > form-method that allow you to compose a suitable URL with the userid > > and password embedded, I am at a loss about how to achieve this? > > > > Actually it does work doing that. I'm guessing you're using IE, which > doesn't do that anymore because MS removed it since most users are too > dumb to realize > http://mybank.com/blahblahblah/blahblah/blah at 1337haxor dot com doesn't > really go to mybank.com... (typically throw in a whole lot more > before that @, and you have a highly successful phishing scheme) > > http[s]://username:password@m0n0ip/ will still work in Firefox. As > for what to do to get around this lovely IE 'feature', I don't know. Is there another webserver available? If so, you can write a script that fetches the data you want, and insert the results/data into your own page. I'm doing just that on a number of sites. Actually I just setup a script to fetch then "/" of my monowall. The page can be seen on http://wangerin.linux.dk/m0n0wall.php. The php-code for generating that is simple: > <?php > $title = "Status/log på PPoE forbindelsen til Sonofon"; > $menu = "2.2 m0n0wall information"; > $logfile = @file("https://XXXX:YYYY@mono_ip/"); > > $body=join ("",$logfile); > > include (".template.php"); > ?> The template builds the main frame, and inserts $body the right place - that's all. Could also be do as > <?php > echo join("",@file("https://XXXX:YYYY@mono_ip/")); > ?> Then nothing would be added to or modified in the output of monowall -- Henning Wangerin <mailinglists dash after dash 041101 underscore reply dash not dash possible at hpc dot dk> |