Text only | Text with Images

Datahopa

Computer Related => PC Software => Topic started by: Snowcrash on October 09, 2013, 17:46:59 PM

Title: SQL Hack
Post by: Snowcrash on October 09, 2013, 17:46:59 PM
Thought this was interesting...

Hacking Websites with SQL Injection - Computerphile (http://www.youtube.com/watch?v=_jKylhJtPmI#)
Title: Re: SQL Hack
Post by: Freddy on October 09, 2013, 18:36:29 PM
Yep, when I was learning PHP (still am really) this was something I had to look at.  There's a lot of ways to protect a site, so far so good, but it's never going to be 100% uncrackable.
Title: Re: SQL Hack
Post by: Snowcrash on October 24, 2013, 18:14:38 PM
Found another on a similar vein...

Cracking Websites with Cross Site Scripting - Computerphile (http://www.youtube.com/watch?v=L5l9lSnNMxg#)
Title: Re: SQL Hack
Post by: Snowcrash on December 03, 2013, 21:38:13 PM
And a third. Combined, these are the 3 major security holes for web browsers.

Cross Site Request Forgery - Computerphile (http://www.youtube.com/watch?v=vRBihr41JTo#ws)
Title: Re: SQL Hack
Post by: Freddy on December 03, 2013, 21:52:00 PM
A lot of sites will have this covered of course, but it's easy to forget the simple things. I spend at least half my time coding thinking about how I would crack it.
Title: Re: SQL Hack
Post by: DaveMorton on December 04, 2013, 00:15:49 AM
This is an area that I've been ignorant of until I started learning how to use CodeIgniter, and relaized that without knowing it, I've been doing CSRF attacks without knowing that's what I've been doing. I've called it "form spoofing" in the past, and have done it to Wikipedia as a way to scrape data back in the days before their API. :o
Title: Re: SQL Hack
Post by: Freddy on December 04, 2013, 14:50:49 PM
I think a lot of us have done page scraping at one time or other Dave thinking it was only a little naughty  :LOL:
Text only | Text with Images