hacking

Testing for security vulnerabilities in web applications: Best practices?

Hi y'all I'm developing a web application. Like, a proper one, I've used things like Joomla in the past to make awesome stuff but have now finally got my hands dirty with PHP, MySQL and CodeIgniter. When you're making serious web apps that'll handle large amounts of data, what precautions should I take against my data inputs to fully s...

[Android SDK] How to know which URL an Android application tries to visit?

Hi, This is a black box test, which means I don't have any way to access the source code. Because I have to reproduce the error, file a report, and then present to the programmer (who is not our company's employee), I have to find the crashing URL / http / xhttp request. Is there any way to do so on the SDK emulator? Thanks a lot. ...

Can Hacker Get My Code through Ad-Hoc Files?

If I send out Ad Hoc distributions of my App, is it possible for someone to hack the included files and get my code? I know it is compiled, but that Ad Hoc folder has a lot of stuff in it. ...

CSS/JavaScript/hacking: Detect :visited styling on a link *without* checking it directly OR do it faster than me

This is for research purposes on http://cssfingerprint.com Consider the following code: <style> div.csshistory a { display: none; color: #00ff00;} div.csshistory a:visited { display: inline; color: #ff0000;} </style> <div id="batch" class="csshistory"> <a id="1" href="http://foo.com">anything you want here</a> <a id="2" hre...

Is it possible through SQL injection to launch an UPDATE/DELETE statement from an INSERT/SELECT statement in MySQL?

Let's take the following vulnerable query ($id not being escaped): SELECT * FROM table WHERE id = $id Would it be possible in MySQL 5.x to modify some data through an UPDATE statement which would appear inside the hacked SELECT statement? I thought about something using benchmark() function: SELECT * FROM table WHERE id = id OR benc...

using raw sockets

Is it possible to use raw sockets (on Windows) to close a connection between 2 hosts? If yes, then is this the best practice? I am not a cracker, I have a security assignment of 2 phases. Phase 1 is to create a sniffer. Phase 2 is to create a raw socket and choose a sniffed packet and attack the connection to close it. So how should I d...

How do I react when somebody tries to guess admin directories on my website?

Hello! I've been getting these messages in apache error.log for quite a while: [client 217.197.152.228] File does not exist: /var/www/phpmyadmin [client 217.197.152.228] File does not exist: /var/www/pma [client 217.197.152.228] File does not exist: /var/www/admin [client 217.197.152.228] File does not exist: /var/www/dbadmin [client 2...

My Website was hacked using Statcounter! Does Statcounter keep a record of cookies?

I had a rather interesting case of hacking on my ASP.Net MVC website. For this website I had implemented a rather uncomplicated authentication system for my admin area -- an encrypted cookie which had an identifying signature for the member. Whenever the admin visits the website the cookie would be decrypted and signature verified. If ma...

how to exploit vulnerability of php?

I have never seen a buffer overflow exploit in live action. Suppose I have found a server that seems to have vulnerabilities. Where can I get proof of the concept code preferably in c/c++ to exploit the vulnerability? E.g. I found this vulnerability Multiple directory traversal vulnerabilities in functions such as 'posix_access()'...

Can some hacker steal the cookie from a user and login with that name on a web site?

Reading this question different users get the same cookie value in aspxanonymous and searching for a solution, I started thinking about whether it is possible for someone to really steal the cookie in some way, and then place it in his browser and log in, let's say, as administrator. Do you know how form authentication can ensure that even if the coo...

What are the common website vulnerabilities, and the programming languages related to them?

As far as I know, I must be careful with PHP, and I think JavaScript. What else? ...

argument types of undocumented Objective-C methods in Instruments (OSX)

Is there a way to determine the argument types of Objective-C methods traced by Instruments? I created a custom DTrace Instrument that just lists all Objective-C calls in a class. I am trying to swizzle one of the methods, but only the method name is listed. Is there a way to determine the argument types? Or as an alternative, a way to ...

file path of a MenuItem target with cmdOpen action

I am trying to acquire the file path of an item within the NSMenuItem object. Using [objectname action] I am able to properly acquire the action (cmdOpen). But [objectname target] returns a null value. According to the documentation on the Apple developer website, if the value is null, the action is sent to the first-responder. I want to...

Login code sample which has been hacked via SQL Injection, although mysql_real_escape_string...

Hi friends, I use CodeIgniter, and having trouble with hacking :( is it possible to make SQL Injection to the login code below: function process_login() { $username = mysql_real_escape_string($this->input->post('username')); $password = mysql_real_escape_string(MD5($this->input->post('password'))); //Check user ta...

How to prevent arbitrary code execution vulnerability in our programs?

You always read in changelogs when your system or browser or any program updates that they fixed a bug that made possible that an attacker can execute any code in your computer with a forged website, or attacking your computer with carefully forged packets, etc... Because you read it so often that means any program can have similar vuln...

Inter process communication C# <--> C++ for game debugging engine.

I am working on a debugger project for a game's scripting engine. I'm hoping to write the debugger's GUI in C#. The actual debugging engine, however, is embedded in the game itself and is written in a mixture of C, C++, and assembly patches. What's the best way to handle communication between the debugger GUI and the debugging engine? T...

Can a program assign the memory directly?

Is there any really low level programming language that can access a memory variable directly? For example, if I have a program that has a variable i. Can anyone access the memory to change my program variable i to another value? ...

What should I be afraid of when I make a site public?

If I was going to put my site for the public's use, what are some security issues that I should be worried about? I know of SQL injections. What other hacks/injections should I be aware of? ...

How can I get the source of a 777 - CHMOD php file?

A moderator of a forum I own did so. I still can't believe it, and I can't understand how he did it. Can someone explain it to me? He said he used only HTTP GET requests. The moderator said that the server (nginx) would normally send the output of the executed php files, but since that the files are 777 adding some parameters to the URL he c...

Which Graham essay talks about not knowing if you're a good programmer?

I am trying to find Paul Graham's essay that mentions something to the effect of "hackers can't know if they're good". In it, he (with a seemingly false humility) says he himself doesn't even know if he's good. P.S. Sorry for the softball question. I did try searching his site and it was unproductive. ...