While researching different hacks and attack/defense techniques, it’s common to uncover odd behavior in software, especially in web browsers. I’ve also found various oddities point me in the direction of a vulnerabilities or sometimes tricks that become useful as part of another hack. Anyway, here’s some strangeness in Firefox that other might find interesting.
Use a SCRIPT tag to SRC in any invalid file type, like an image.
<* script src="1.jpg"><* /script>
To suppress the error message, use a type attribute with any value:
<* script src="1.jpg" type="put_anything_here"><* /script>
How is this useful? I don't know, but its weird eh?
More to come.