gamingmaster14 (December 31, 1969 at 6:59 pm)

LOL! those are the most newbest ways to hack.

magnum789 (December 31, 1969 at 6:59 pm)

lol yeah:p

AssShow (December 31, 1969 at 6:59 pm)

html+php ownz

StrikeMike2k (December 31, 1969 at 6:59 pm)

This guy is funny... Did he say "input type=dropdown" at 12:51? HAHA funny. select tag would be a better way of saying it.

pimpjongen (December 31, 1969 at 6:59 pm)

This works is because of 2, bad practice, loops:while(list($key, $val) = each($_GET)) { $GLOBALS[$key] = $val;same with $_POST;Both the variables in GET and POST are written into the GLOBAL scope, thus overwriting the initialized $MailToAddress and $MailSubject.So for this exploit POST/GET doesn't matter. PHP5 is vulnerable as well. Even register_globals off won't help.Script google: PHP formmail + "asking for a name"Now why didn't the hacker explain that? I'm just a developer...

jessehanson1981 (December 31, 1969 at 6:59 pm)

"we can spoof the subject of the email", "inject into the web page" classic .. is this video directed towards noobs or programmers? you realize the web page is your browser don't you..

djshaunp (December 31, 1969 at 6:59 pm)

You sir are a uber dip shit deluxe. Plenty of people use or used this script, that's why it had a large rating on hotscripts[dot]com. Next time, save yourself from looking like a total retard, and do your research before you open your man hole.

thirtysixway (December 31, 1969 at 6:59 pm)

Just because it was some mail example doesn't mean people are actually using or advertising that they're using it. Fucking moron.

gumpdy (December 31, 1969 at 6:59 pm)

hacking is me laughing so hard that I start coughing

djshaunp (December 31, 1969 at 6:59 pm)

Are you all retarded? The script that was exploited by your's truly is an Open Source mail form script. You can download the source code anywhere. Google PHP formmail, ugh. Instead of hating, do you research and stfu.