Beefy Boxes and Bandwidth Generously Provided by pair Networks
P is for Practical
 
PerlMonks  

Re: Re: web cgi forms data security...

by extremely (Priest)
on Dec 30, 2003 at 21:23 UTC ( #317778=note: print w/ replies, xml ) Need Help??


in reply to Re: web cgi forms data security...
in thread web cgi forms data security...

I'm going to be interested in how you propose to retrieve the data from that digest... since it returns a 16 byte one-way hash of the data. :)

Now, to give you credit, you could at least verify that the people hadn't switched up the data from form to form with this. That isn't an unimportant task and worthy of implementing even if the users decides to go with SSL only and just let HTTP and the browser resend the arguments over and over.

--
$you = new YOU;
honk() if $you->love(perl)


Comment on Re: Re: web cgi forms data security...
Re: Re: Re: web cgi forms data security...
by sgifford (Prior) on Dec 30, 2003 at 21:37 UTC

    That's actually easy to do. Each time the page loads, you just create a massive distributed computing project to try all possible usernames and passwords.

    Might be a little slow, though.

Log In?
Username:
Password:

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://317778]
help
Chatterbox?
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others avoiding work at the Monastery: (7)
As of 2014-08-01 10:42 GMT
Sections?
Information?
Find Nodes?
Leftovers?
    Voting Booth?

    Who would be the most fun to work for?















    Results (4 votes), past polls