Skip to content
 
If you can read this, either the style sheet didn't load or you have an older browser that doesn't support style sheets. Try clearing your browser cache and refreshing the page.

(The Register)   Why, yes, you can register an XSS attack as a UK company name. Little Bobby Tables would be proud   (theregister.com) divider line
    More: Amusing  
•       •       •

3123 clicks; posted to Main » and Business » on 30 Oct 2020 at 2:25 PM (4 weeks ago)   |   Favorite    |   share:  Share on Twitter share via Email Share on Facebook



19 Comments     (+0 »)
 
View Voting Results: Smartest and Funniest
 
2020-10-30 2:19:44 PM  
Little Bobby Tables has grown up and registered his first company.
 
2020-10-30 2:47:05 PM  

Gordon Bennett: Little Bobby Tables has grown up and registered his first company.


FTA:

Such tomfoolery has been carried out in the past, aided by a legal requirement that certain punctuation marks are available for companies to use in their names. Thus was born "; DROP TABLE "COMPANIES";-- LTD"

I warned ye!  I warned ye!  But diddya listen?  Oh, nae!  You knew it all, dint ye...  'Oh, it's just a little harmless mingling of instructions with data,' innit?  Well, it's always the same, I always tell them...

/ i.ytimg.com
 
2020-10-30 2:47:25 PM  
Setting limited formatting in databases is a thing for a reason.
 
2020-10-30 2:49:23 PM  
Because somebody has to do all the work

Fark user imageView Full Size
 
2020-10-30 2:50:39 PM  
According to Whois, the internet domain (xss.ht) in this company name registration has its domain registration expire on Dec 14, 2020. So expect to see a lot of people try to poach it now if the owner doesnt re-up his registration by then. And if someone does successfully poach it, they could replace the content of that domain with something that actually is malicious.

Do you want botnets? Because this is how you get botnets.
 
2020-10-30 2:52:27 PM  

bughunter: Gordon Bennett: Little Bobby Tables has grown up and registered his first company.

FTA:

Such tomfoolery has been carried out in the past, aided by a legal requirement that certain punctuation marks are available for companies to use in their names. Thus was born "; DROP TABLE "COMPANIES";-- LTD"

I warned ye!  I warned ye!  But diddya listen?  Oh, nae!  You knew it all, dint ye...  'Oh, it's just a little harmless mingling of instructions with data,' innit?  Well, it's always the same, I always tell them...

/ [i.ytimg.com image 91x69]


/thread
 
2020-10-30 2:59:00 PM  
I would've changed it to

THE COMPANY FORMERLY KNOWN AS ">< SCRIPT SRC[=]HTTPS[:]//MJT.XSS.HT> LTD
 
2020-10-30 3:07:46 PM  
If I open a restaurant, and I want to name it "I'm Going To Lunch", and the geniuses at the local business administration can't process it because every time they say the new name they go to lunch, that's on them, not on me. They should fortify their procedures against Bad Input. I didn't do anything wrong, and neither did this guy, if he farks your system up you should be thanking him.
 
2020-10-30 3:20:24 PM  
UK XSS to be them.
 
2020-10-30 4:03:32 PM  
Fark user imageView Full Size
 
2020-10-30 4:14:29 PM  
Poop emoji LTD is farking awesome
 
2020-10-30 4:31:08 PM  

covfefe: If I open a restaurant, and I want to name it "I'm Going To Lunch", and the geniuses at the local business administration can't process it because every time they say the new name they go to lunch, that's on them, not on me. They should fortify their procedures against Bad Input. I didn't do anything wrong, and neither did this guy, if he farks your system up you should be thanking him.


I had a weird urge to walk away from my desk and have lunch as I read your post.
 
2020-10-30 4:36:58 PM  
And indeed Companies House is secure: company number 12956509 is now called "THAT COMPANY WHOSE NAME USED TO CONTAIN HTML SCRIPT TAGS LTD". ®

Wait, a sense of humor in administration? Did we skip timelines?
 
2020-10-30 4:40:15 PM  
Because of CORS you can.
 
2020-10-30 10:51:27 PM  
Deltree *.* Inc.
 
2020-10-31 12:52:46 AM  
I want open a business called "Thank you for calling, how can I help you?"
So when my employees answer the phone, they say
"Thank you for calling 'thank you for calling, how can I help you', how can I help you?"

(That's not mine, but I heard it many, many years ago and have no idea where the original came from.)
 
2020-10-31 1:43:55 AM  

Gordon Bennett: Little Bobby Tables has grown up and registered his first company.


If little Bobby Tables was in 4th grade when the comic was Boobiesed (2007), then Rob is out of college by now. He could be working in his first job, or given that it's 2020, living back home with his mom and creating fake companies.
 
2020-10-31 9:20:53 AM  
This is like naming your business Punch Yourself In The Face and then laughing as people actually do that when they read your company name. Many people seem to think that if they program a computer to punch them in the face that it doesn't count as them being a farking idiot.
 
2020-10-31 3:58:45 PM  

Stavr0: [Fark user image 267x149]


I remember reading about some dude in Nevada that thought it would be funny. Turns out the field in parking tickets for cars that have no license plate is really "null" and not just empty!
 
Displayed 19 of 19 comments

View Voting Results: Smartest and Funniest

This thread is closed to new comments.

Continue Farking





On Twitter



  1. Links are submitted by members of the Fark community.

  2. When community members submit a link, they also write a custom headline for the story.

  3. Other Farkers comment on the links. This is the number of comments. Click here to read them.

  4. Click here to submit a link.