security

Is it possible to write files with MySQL via SQL injection?

Long story short, we found files promoting prescription drugs on our server that we didn't put there. The Windows server has very old applications and runs MySQL 5.1.11. Beyond other security flaws, could SQL injection be used to write files to the server file system? I am certain that some of these old applications are vulnerable to SQ...

Security question: Is this a valid way to hack into Facebook applications? (and possibly Facebook)?

Your friend connects to Facebook and checks "remember me". Facebook creates a cookie on the browser. Your friend goes to the bathroom. You steal your friend's cookies from his browser and its data. You go home and make these cookies with that data. Assuming Facebook does not associate cookies + IP, you can gain access to the Facebook...

In PHP, How can I validate that a file is a picture?

The title says it all. If a file is uploaded to the server, how can I make sure that it's actually a picture (not just a file with a .jpg or .gif extension)? ...

Help me make my password storage safe

How much safer is this than just md5? I've just started looking into password security. I'm pretty new with php. $salt = 'csdnfgksdgojnmfnb'; $password = md5($salt.$_POST['password']); $result = mysql_query("SELECT id FROM users WHERE username = '".mysql_real_escape_string($_POST['username'])."' ...

.Net Design pattern for storing and retrieving sensitive per user data

Are there any reference patterns for .Net server applications relating to storing and retrieving sensitive per user information such as 3rd party credentials? My preliminary design thoughts are along the lines of: Generate a self signed X509 certificate with appropriately strong private key, Export the certificate and key and store th...

Are visible GUIDs a security risk?

Hi, I'm using ASP.NET and the membership provider for my site. If the user is able to easily see their GUID, would that be considered a security risk? Should I take extra steps to prevent users from easily finding their GUID such as when they confirm their verification process. Although there are ways around this, such as using a seper...

Linux Tool to read values of the stack

Hello, I would like to know if there is a Linux tool that allows you to read the values of the program stack? For instance when running the binary of a program containing the line: foo(parameter); the parameter would be put on the stack, and I would like to know if there is a tool to access it. Thanks. ...

How to send password securely over HTTP?

If on a login screen user submits a form with his username and password, the password is sent in plain text (even with POST, correct me if I am wrong). So the question is what is the right way to protect the user and his password against the third party who might be eavesdropping on the communication data? I am aware that HTTPS is aso...

Permission based on one column - secure?

Hi, I am developing an early version of my site and before I create the production version, I'd like people's opinions on whether I'm going about things the right way. The main objective is to allow users to share playlists. I have the User table (ASP.NET Membership), Playlist table and a permission table. I'd like a user to create a...

How to properly do private key management

Has anyone got practical experience or a reference for a scheme that implements a key management scheme that would comply with the PCI DSS security standard? There are obviously quite a few implementations around given the number of companies compliant with PCI DSS but trying to find details of them is tough. When it gets down to stori...

Is EXE locked (vs DLL)?

If I put all my controls inside the EXE, is it accessible from outside like it would be accessible when it's placed in a DLL? ...

Is the password weak under dictionary attack

Thanks for looking. All sincerely helpful answers are voted up. I use a password strength meter to let the user know how strong the password they've chosen is. But this password checker obviously doesn't cover how weak under a dictionary attack the password is. How can I check for that, and is it worth it? Also my regular password ch...

Is it possible/valid to have a TCP connection with secure login only, but non-secure messages?

Say I am writing a chat server and client that allows users to login with their user-name and password. Now I could just send and receive the information as plain-text but there is the risk that the information may be intercepted. So the socket should be secured to protect the user. I am not interested in certificates or verifying identi...

Downloading php files?

Is it possible to download php files from the server where they are located? I am a beginner in the web area, and I worry that hackers may have special tools to download, see my code and understand where I have programmed vulnerable code to hack my site. ...

Allow user-defined script in Ruby/Rails application

A predefined set of objects has to be aggregated into a new object. However I want the users to specify a custom function for that. Now the naive approach would be def foo; end objects = [1,2,3] # result = eval(user_script) result = eval("objects.inject {|sum, n| sum + n }") What I obviously do not want to do! I read about $SAFE = 4...

Application integrity & url tampering

On my site people can ask questions and answers can be posted. The question is at example.com/question/title. To post an answer, the form is submitted to example.com/question/post_answer/7 with 7 being the question id. Validation is run here to make sure an answer was entered. If not, it takes you back to the original url. So the post_...

What is the most secure way to connect a ASP.NET 3.5 web application and SQL Server database?

I have a web application developed in .net 3.5, and a SQL Server database. The current auth method is a connection string in web.config; it seems like a good idea to move the authentication details out of plain text. So, I have two questions: Trusted Connection - The password policy here is strict, requiring frequent changes. Does this m...

How to load xml from https using XmlTextReader

I am using System.Xml.XmlTextReader to read an xml stream from an http location. Now I need support to read from a secure https site. How can I do this by providing user credentials in some way? ...

Cross site form post with external site on different domain

We're integrating our site with an external site using form posts. The form on our page will submit to the external site on a different domain. Is this even possible? I thought that would be an injection attack. ...

What account should I use for ASP.NET?

By default ASP.NET uses the network service account; is this the account I should be using with ASP.NET in production? What are the best practices related to the account used by ASP.NET? Regards. Edit: If this makes any difference, I'll be using ASP.NET on a Windows 2008 server ...