fortyonegames wrote:

OrangeCat747 wrote:

fortyonegames wrote:

fortyonegames wrote:

This one makes the entire page flash red, kinda cool: https://scratch.mit.edu/projects/1299345735/

The SVG Code is this:

<svg xmlns="http://www.w3.org/2000/svg" width="200" height="100">

  <!-- Indicator inside SVG -->
  <rect x="0" y="0" width="200" height="100" fill="#111"/>
  <text x="100" y="55" fill="#0f0" font-size="12" text-anchor="middle">
    Logo / Comment Slide Test
  </text>

  <style>
    img[alt="Scratch"],
    .scratch-logo,
    .logo {
      transform: translateX(50px) scale(1.2) !important;
      transition: transform 0.5s ease !important;
    }

    /* target comment input */
    textarea,
    .comment-input {
      transform: scale(1.3) translateY(-10px) !important;
      transition: transform 0.5s ease !important;
      border: 2000px solid red !important;
    }
  </style>

</svg>

And this one flashes green right?

<svg xmlns="http://www.w3.org/2000/svg" width="200" height="100">

  <!-- Indicator inside SVG -->
  <rect x="0" y="0" width="200" height="100" fill="#111"/>
  <text x="100" y="55" fill="#0f0" font-size="12" text-anchor="middle">
    Logo / Comment Slide Test
  </text>

  <style>
    img[alt="Scratch"],
    .scratch-logo,
    .logo {
      transform: translateX(50px) scale(1.2) !important;
      transition: transform 0.5s ease !important;
    }

    /* target comment input */
    textarea,
    .comment-input {
      transform: scale(1.3) translateY(-10px) !important;
      transition: transform 0.5s ease !important;
      border: 2000px solid green !important;
    }
  </style>

</svg>

That svg code is super old so it might not work well

class="preview"

id="view"

plum_the_fox wrote:

i would be neat if it was possible to replace the background of the project with a photo, which sits in

class="preview"

under

id="view"

MineTurte wrote:

plum_the_fox wrote:

i would be neat if it was possible to replace the background of the project with a photo, which sits in

class="preview"

under

id="view"

This could easily be used to upload explicit photos by the way.

ChristianScratcher1 wrote:

MineTurte wrote:

plum_the_fox wrote:

i would be neat if it was possible to replace the background of the project with a photo, which sits in

class="preview"

under

id="view"

This could easily be used to upload explicit photos by the way.

Is that not already doable via uploading pictures in the costume editor which is much easier than having to go through all this CSS?

MineTurte wrote:

plum_the_fox wrote:

i would be neat if it was possible to replace the background of the project with a photo, which sits in

class="preview"

under

id="view"

This could easily be used to upload explicit photos by the way.

fortyonetest wrote:

well now you can hack peoples accounts using this: https://muffin.ink/blog/scratch-vulnerability-disclosure/
(which is very bad).

meaning that you could use this method to execute arbitrary code (also very bad)

so im assuming this will be patched soon

fortyonetest wrote:

well now you can hack peoples accounts using this: https://muffin.ink/blog/scratch-vulnerability-disclosure/
(which is very bad).

meaning that you could use this method to execute arbitrary code (also very bad)

so im assuming this will be patched soon

Yoshiii999 wrote:

fortyonetest wrote:

well now you can hack peoples accounts using this: https://muffin.ink/blog/scratch-vulnerability-disclosure/
(which is very bad).

meaning that you could use this method to execute arbitrary code (also very bad)

so im assuming this will be patched soon

That's a different bug

“To exploit it, an attacker needs to upload a malicious costume to Scratch”

"As of publishing, the latest version of Scratch Desktop is 3.31.1. All versions can execute arbitrary code when opening the costume editor in a malicious project. 3.29.1 and earlier can also execute arbitrary code when importing a malicious SVG."

fortyonegames wrote:

"As of publishing, the latest version of Scratch Desktop is 3.31.1. All versions can execute arbitrary code when opening the costume editor in a malicious project. 3.29.1 and earlier can also execute arbitrary code when importing a malicious SVG."

Yoshiii999 wrote:

fortyonegames wrote:

"As of publishing, the latest version of Scratch Desktop is 3.31.1. All versions can execute arbitrary code when opening the costume editor in a malicious project. 3.29.1 and earlier can also execute arbitrary code when importing a malicious SVG."

That's still a different bug, that's arbitrary code execution of JavaScript, the bug on this forum only allows CSS to “run” from an SVG

STebBerry wrote:

Yoshiii999 wrote:

fortyonegames wrote:

"As of publishing, the latest version of Scratch Desktop is 3.31.1. All versions can execute arbitrary code when opening the costume editor in a malicious project. 3.29.1 and earlier can also execute arbitrary code when importing a malicious SVG."

That's still a different bug, that's arbitrary code execution of JavaScript, the bug on this forum only allows CSS to “run” from an SVG

the scratch repository on github has a thing made to sanitize ALL SVG's. technically they are still in the same bug since it utilizes a glitch that get's past that sanitizer. if they fix the sanitizer, both bugs won't work anymore

fortyonetest wrote:

well now you can hack peoples accounts using this: https://muffin.ink/blog/scratch-vulnerability-disclosure/
(which is very bad).

meaning that you could use this method to execute arbitrary code (also very bad)

so im assuming this will be patched soon

STebBerry wrote:

the scratch repository on github has a thing made to sanitize ALL SVG's. technically they are still in the same bug since it utilizes a glitch that get's past that sanitizer. if they fix the sanitizer, both bugs won't work anymore

haandatel wrote:

let us all agree to never speak of this again

RealApplePieStudios wrote:

haandatel wrote:

let us all agree to never speak of this again

Speak of what? The thing were supposed to speak of in this chat, which is css?

haandatel wrote:

RealApplePieStudios wrote:

haandatel wrote:

let us all agree to never speak of this again

Speak of what? The thing were supposed to speak of in this chat, which is css?

it literally just caused a scratchwide hacking inccedent

RealApplePieStudios wrote:

haandatel wrote:

RealApplePieStudios wrote:

haandatel wrote:

let us all agree to never speak of this again

Speak of what? The thing were supposed to speak of in this chat, which is css?

it literally just caused a scratchwide hacking inccedent

yeah, but as long as it don't affect other peoples account, it should be fine (idk maybe it does I didn't read everything)

haandatel wrote:

RealApplePieStudios wrote:

haandatel wrote:

let us all agree to never speak of this again

Speak of what? The thing were supposed to speak of in this chat, which is css?

it literally just caused a scratchwide hacking inccedent