Re: The problem with the alternatives to PHP, on Pro PHP Security · Score: 1
PHP is nice for some scripting tasks where sed, grep, awk and cut are just cumbersome. Also, stuff like
echo "update x set y=y+1 where z=a" | mysql -uuser -ppassword mydatabase
just seems like a nasty hack.
I'm not saying it should be used for desktop GUI apps though.
Re: Seems to be a matter of reading 'man fstab' ..., on A Closed Off System? · Score: 1
My point was that to prevent applications escalating their privileges, noexec is pointless, as somebody can just run their privilege_escalation app, bypassing the noexec flag.
Re: Seems to be a matter of reading 'man fstab' ..., on A Closed Off System? · Score: 2, Insightful
Although you can work around this: /lib/ld-linux.so.2 /noexec/mounted/partition/escalate_to_root
or more likely: /lib/ld-linux.so.2 /usr/local/bin/ksolitaire
No, I was being sarcastic, as the GP claimed Debian doesn't support amd64, as there is no way of running Firefox without a 32-bit chroot.
Hmm, best go remove it from the amd64 server I installed and maintain - that has a great need for 32-bit Firefox...
It's rock solid on our AMD64 hardware (yes, sarge isn't official on AMD64, but we've not had any problems).
I wrote a shell script that I bound to my gf's multimedia keys, e.g. the play key would run 'music play', which would issue the amarok dcop play command over ssh.
Try doing that without dcop.
Where can I get this extension to katapult? (I already run kopete and katapult.)
SQL Injection attacks are performed like this (using HTTP GET instead of POST as it's easier to explain):
www.mysite.com/login?username=dave&password=mypwd
you would do something like this and see if a 'username' was returned:
"select id from users where username='{$_GET['username']}' and password='{$_GET['password']}'"
To attack that code, you would do this:
www.mysite.com/login?username=admin&password=mypwd'+or+test='test
that would run this code:
"select id from users where username='admin' and password='mypwd' or test='test'"
which would always return an ID, whether the password was correct or not, as test is always equal to test.
If you ran this:
$un = mysql_real_escape_string($_GET['username']);
$pw = mysql_real_escape_string($_GET['password']);
$db_query = "select id from users where username='$un' and password='$pw'";
the query being executed would be this:
select username from users where username='admin' and password='mypwd\' or test=\'test';
which would only return the username if the password was actually mypwd' or test='test, which is unlikely
(SQL counts \' as a printable ' char, without interpreting it as a quote).
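The two login queries from the post above, as an added example that is not part of the original comment: a string-built query that the post's payload bypasses, beside a parameterized query (bound parameters rather than the escaping the post uses, since the database driver then never parses the values as SQL). The table and rows are constructed here, it runs on SQLite instead of MySQL, and the payload uses the literal comparison 'test'='test' because a bare test column does not exist in this table.

```python
import sqlite3

def make_db():
    """Constructed sample data mirroring the users/id/username/password columns in the post."""
    db = sqlite3.connect(":memory:")
    db.execute("create table users (id integer primary key, username text, password text)")
    db.execute("insert into users values (1, 'admin', 's3cret'), (2, 'dave', 'mypwd')")
    return db

def login_vulnerable(db, username, password):
    """Builds the query by string interpolation, like the first PHP snippet in the post."""
    query = ("select id from users where username='%s' and password='%s'"
             % (username, password))
    row = db.execute(query).fetchone()
    return row[0] if row else None

def login_parameterized(db, username, password):
    """Binds the values as parameters; the driver never treats them as SQL text."""
    query = "select id from users where username=? and password=?"
    row = db.execute(query, (username, password)).fetchone()
    return row[0] if row else None

def run_checks():
    """Returns the id each login attempt yields so the effect of the payload is visible."""
    db = make_db()
    # Closes the password string and appends an always-true clause, as in the post;
    # the template's trailing quote completes the final 'test' literal.
    payload = "mypwd' or 'test'='test"
    return {
        "vuln_correct": login_vulnerable(db, "admin", "s3cret"),
        "vuln_wrong": login_vulnerable(db, "admin", "wrong"),
        "vuln_payload": login_vulnerable(db, "admin", payload),   # first row: admin's id
        "safe_correct": login_parameterized(db, "admin", "s3cret"),
        "safe_wrong": login_parameterized(db, "admin", "wrong"),
        "safe_payload": login_parameterized(db, "admin", payload),  # no such password
    }

if __name__ == "__main__":
    for name, result in run_checks().items():
        print(f"{name}: {result}")
```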
What about recording a VNC session, or playing it inside a VM? I'm pretty sure VMware can record to Flash; can it record to AVI?
In Linux, the drivers run in kernel mode. You can write userspace non-root filesystems, but not device drivers.
Yes, that article. I only had a quick look but could only find the article about google offering him a job
Well, I remember a story on Slashdot a while ago about them hiring the lead Python developer, and I remember reading something along the lines that they did that because they use Python for their search code, or something. I did say IIRC.
Probably because of two reasons - Google is a company that AFAIK writes everything in Python, on Linux boxes. Their search runs on a Linux cluster - something Microsoft won't be able to compete with any time soon. Also, it probably won't be allowed by the American equivalent of the Monopolies and Mergers Commission.
I see lots of people who seem incapable of driving and watching where they are going at the same time, but that's still legal.
For maintaining the data in ram, a battery would suffice for a long time, if not, get a bigger battery.
Why not store the entire filesystem in RAM with a battery, in a tmpfs? When you want to wipe it, put a thousand volts through it for a couple of seconds, then cut power.
I believe mlDonkey handles those protocols and more
As a guess, it converted it to a 'dynamic disk', which I believe causes this to happen. Look for your hardware manufacturer's low-level format utility.
An example of that - I found a bug in IE, where a CSS stylesheet would cause IE to crash. I posted this stylesheet to somebody on Slashdot who asked about it - I don't know what became of that, but this was found by chance, not by me being a black hat (the person I showed the stylesheet to may have found a way to exploit it, I don't know).
yes, but that wouldn't be web-2.0 would it?
Knock together some scripts, host a webserver which gets the content and creates 10 seconds' worth of 'pages', write a webpage that pulls 10 seconds' worth of pages at a time using the JavaScript xmlrpc object, then renders them. Obviously, you'll have to work out how 'fast' the telnet server is redrawing the window for the redraw loop.
I'd do it and hook it up to my girlfriend's DVB card using mencoder and netcat, and write change-channel buttons into the webpage, but I just can't be bothered.
If you have a DVB card, it's something like this:
mplayer dvb://"bbc one" -vo aa
I can't remember exactly.
On a totally unrelated note, Windows just told my girlfriend that holding down 'shift' for more than 5 seconds turns on 'sticky keys'. She was just sat there, eating her tea, not pressing shift.
DID YOU KNOW THAT PEOPLE CAN TELL IF YOU ARE THIRTEEN YEARS OLD IF YOU TYPE IN CAPS AND DONT USE ANY PUNCTUATION BUT I CANT THINK OF ANYTHING LONG ENOUGH TO DEMONSTRATE MY POINT SO I WILL JUST WRITE SOME BOLLOCKS OH THERE WE GO THE LAST BIT WAS BOLLOCKS ANYWAY
slashdot's lameness filter is lame. slashdot's lameness filter is lame. slashdot's lameness slashdot's lameness filter is lame. slashdot's lameness filter is lame. filter is lame. slashdot's lameness filter is lame. slashdot's lameneslashdot's lameness filter is lame. ss filter is lame.