Domain Manage

sql injection, watch this

Discussion in 'General Board' started by ONExFOUR, Oct 28, 2006.

Thread Status:
Not open for further replies.
  1. ONExFOUR

    ONExFOUR Member

    Joined:
    Oct 2006
    Posts:
    34
    Likes Received:
    1
  2. Domain Forum

    Acorn Domains Elite Member

    Joined:
    1999
    Messages:
    Many
    Likes Received:
    Lots
     
  3. jonno United Kingdom

    jonno Active Member

    Joined:
    Oct 2005
    Posts:
    621
    Likes Received:
    7
    lol that's well new that :p
     
  4. SecNam

    SecNam Moderator Staff Member

    Joined:
    Jul 2004
    Posts:
    5,127
    Likes Received:
    37
  5. olebean

    olebean Well-Known Member

    Joined:
    Nov 2005
    Posts:
    2,216
    Likes Received:
    29
    I am concerned that a training video gets onto the site..
     
  6. mibut United Kingdom

    mibut Active Member

    Joined:
    Apr 2005
    Posts:
    273
    Likes Received:
    5
  7. admin Spain

    admin Administrator Staff Member

    Joined:
    Jun 2004
    Posts:
    10,084
    Likes Received:
    115
    Incredible that Google would host hacking training videos, amazing how easy it is (only notepad required) - if you know what you are doing
     
  8. dhscott

    dhscott Active Member

    Joined:
    Oct 2006
    Posts:
    171
    Likes Received:
    5
    Any site that has SQL Injection issues however doesn't exactly have the best programmers behind it i'd say!

    There's loads of these on YouTube, most of them done by script kiddies publishing what they have "learnt" from sites which actually promote security conscious programming. :(
     
  9. jonno United Kingdom

    jonno Active Member

    Joined:
    Oct 2005
    Posts:
    621
    Likes Received:
    7
    Exactly - if you class yourself as a web developer and are not familiar with the prevention of exploits such as SQL injection and Cross-site scripting, you've either been living under a rock for the past 6 years or you should get your head looked at :p

    For the people paying coders to write software for you - make sure you question your developers to see if they have taken the correct methods to secure your site :)
     
  10. static

    static Active Member

    Joined:
    Feb 2006
    Posts:
    220
    Likes Received:
    5
  11. ONExFOUR

    ONExFOUR Member

    Joined:
    Oct 2006
    Posts:
    34
    Likes Received:
    1
    I know sql injection is an old school trick and it might not work anymore with most of the servers, but this was just an example to show the lack of the security of some websites, once your website becomes famous on the internet, it would attract hackers (when I say hackers I don’t mean kiddies playing with scripts or using ready made hacking software and etc… I’m talking about proper coders such as ichteam G®³³†z †º : måjîdÑT-Tåñhå-ÚñXå¢R åñd åll ‡®åñîåñ Hå¢kè®$ )
     
  12. philipp United Kingdom

    philipp Active Member

    Joined:
    Feb 2005
    Posts:
    639
    Likes Received:
    16
    So the moral is, write your code carefully, and don't rely on Javascript to validate your input.

    P.
     
Thread Status:
Not open for further replies.

Share This Page