1. Advertising
    y u no do it?

    Advertising (learn more)

    Advertise virtually anything here, with CPM banner ads, CPM email ads and CPC contextual links. You can target relevant areas of the site and show ads based on geographical location of the user if you wish.

    Starts at just $1 per CPM or $0.10 per CPC.

Important! how to reach webuser's harddrive?

Discussion in 'C#' started by mmilitia, Aug 22, 2006.

  1. #1
    Hi,
    SEMrush
    I want to reach a spesific folder in my webuser's computer. Basicly, when a user click a link, my asp page have to go a spesific folder (example C://Documents and Settings/username/blabla) and I have to read all files in this folder.

    is there any ocx or dll to reach webuser's computer?
     
    mmilitia, Aug 22, 2006 IP
    SEMrush
  2. vectorgraphx

    vectorgraphx Guest

    Messages:
    545
    Likes Received:
    16
    Best Answers:
    0
    Trophy Points:
    0
    #2
    uh..... nope.
     
    vectorgraphx, Aug 22, 2006 IP
  3. mmilitia

    mmilitia Guest

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #3
    Remember the ocx came from Microsoft on MSN Space. when user accept activex, it reads our harddisk to add pitcures. There must have been an ocx. I have to find or I will die :)
     
    mmilitia, Aug 22, 2006 IP
  4. JohnZing

    JohnZing Peon

    Messages:
    109
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #4
    I hope not :D

    You can make an ocx yourself, but it works on IE only.
     
    JohnZing, Aug 22, 2006 IP
  5. ccoonen

    ccoonen Well-Known Member

    Messages:
    1,607
    Likes Received:
    71
    Best Answers:
    0
    Trophy Points:
    160
    #5
    you can read a file using the FSO (File System Object)

    <%
    Set fs=Server.CreateObject("Scripting.FileSystemObject")
    Set f=fs.OpenTextFile("C:/Documents and Settings/username/blabla.txt", 1)
    Response.Write(f.ReadAll)
    f.Close
    Set f=Nothing
    Set fs=Nothing
    %>
     
    ccoonen, Aug 22, 2006 IP
  6. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #6
    thats for the server that hosts your site and not for client side
     
    ludwig, Aug 22, 2006 IP
  7. mmilitia

    mmilitia Guest

    Messages:
    3
    Likes Received:
    0
    Best Answers:
    0
    Trophy Points:
    0
    #7
    Yes that's for server side. There must be something else way to read client side.
     
    mmilitia, Aug 23, 2006 IP
  8. ludwig

    ludwig Notable Member

    Messages:
    2,253
    Likes Received:
    66
    Best Answers:
    0
    Trophy Points:
    225
    #8
    Usually you get the client side info via JavaScript. but it doesn't give you the info about the hard drive (maybe, not completely shure).

    There is another point that if there is a way to access someone's hard drive than all the PC may get hacked, so I think you need to find a hole in IE
     
    ludwig, Aug 23, 2006 IP
  9. rooneydavid

    rooneydavid Guest

    Messages:
    67
    Likes Received:
    2
    Best Answers:
    0
    Trophy Points:
    0
    #9
    First off you are gona need permission from each user, otherwise it could and will be seen as hacking (up to 25 years in prison). Second the only way to really do it is ActiveX and you will need to get that digitly signed otherwise the anti virus software will catch it and warn the user. There is no standard ActiveX to do this, you will need to script it and complile it yourself. Third did you try VBScript client side posting information back to the server! But IE will catch that and stop it on newer upto date patched versions. Your best off forgetting trying to do that, what could possible be on a users hard drive that you want to read?? And with the new IE coming out it wont be long before it will be stopped!
     
    rooneydavid, Aug 23, 2006 IP
    cormac likes this.
  10. Free Born John

    Free Born John Guest

    Messages:
    111
    Likes Received:
    4
    Best Answers:
    0
    Trophy Points:
    0
    #10
    Yes, I've done it on a couple of projects in the past, but it requires you to create an activex control which the user has to install. Most users will not do this, so unless you're working in a controlled environment (like I was) where the users know all about the control and want to install it, then forget it.

    regards
     
    Free Born John, Aug 23, 2006 IP
  11. brandnewx

    brandnewx Peon

    Messages:
    988
    Likes Received:
    28
    Best Answers:
    0
    Trophy Points:
    0
    #11
    Browsers don't allow this due to user's security settings. Firefox and opera strictly forbid this, while IE uses security zone to enforce the permissions given to web page.

    So as IE normally flag web pages as in Internet Zone, you can't mess up user's computer. There's exception when you exploit security hole of IE to make your page looks as if it's in Local Zone and use Javascript to access local files, or lure the user to install your malicious ActiveX control.

    Search for "Internet explorer 6 privilege escalation" if you want to go with hacking way. I'm doubt you find a working one nowadays, because IE and Windows are going concrete in term of safty now.

    IE users, if you surf untrusted web pages, don't ever install any ActiveX control. It's like installing virus into your computer.
     
    brandnewx, Aug 28, 2006 IP