> Can you redirect to a private page like
Guillaume, I fooled you. You stepped into my XSS trap and I've stolen you MoinMoin Cookie. The redirection is a simple location() header - one is sent by my JavaScript in exploit3.html and the otherone is sent by my php Script after writing you cookies to a file on my server.
I redirect you to whereever you like. But whoever has access to the wiki configuration could you please remove "attachfile" from "allowedactions". Should be somewhere in wikiconfig.py.
Guys, and don't click on the links. I mean it. All your base are belong to us.
This wiki is evil. You better do NOT click on exploit.html
This wiki is evil. You better do NOT click on exploit2.html
This wiki is evil. You better do NOT click on exploit3.html
Transfer to new server done. 1 2 4 5