PerlMonks  

Re^2: Perfecting index.pl some more!

by Nik
on Apr 30, 2005 at 11:27 UTC ( #452835=note )


in reply to Re: Perfecting index.pl some more!
in thread Perfecting index.pl some more!

ok!
But how would one hack my page since I use placeholder so he can insert bogus input neither he can http://www.nikolas.tk/cgi-bin/index.pl?select='../../somepath/somefile') ?! By what exact way?


Re^3: Perfecting index.pl some more!
by rg0now (Chaplain) on Apr 30, 2005 at 11:56 UTC
    Beware of the false sense of being secured, and instead, be paranoid! You can never know how weird ideas others might have to crack your tiny little script...

    Although using placeholders is considered to be a good practice, here, in "SQL Injection myths under DBI?", you will find an extensive discussion on this topic and a bazillion ideas on how to crack SQL queries. Pick the one you most like!

    I think that it is more of a philosophical question than a practical one: the point is that one should never ever post production CGI code on public forums!

      Well, it's my personal webpage and if I don't paste the code nobody will really understand what I am about to do. :-)

      I don't mind being hacked too, as long as the hacker told me how he succeeded ;-)
