Beefy Boxes and Bandwidth Generously Provided by pair Networks
Do you know where your variables are?

Re: Re: web cgi forms data security...

by extremely (Priest)
on Dec 30, 2003 at 21:23 UTC ( #317778=note: print w/ replies, xml ) Need Help??

in reply to Re: web cgi forms data security...
in thread web cgi forms data security...

I'm going to be interested in how you propose to retrieve the data from that digest... since it returns a 16 byte one-way hash of the data. :)

Now, to give you credit, you could at least verify that the people hadn't switched up the data from form to form with this. That isn't an unimportant task and worthy of implementing even if the users decides to go with SSL only and just let HTTP and the browser resend the arguments over and over.

$you = new YOU;
honk() if $you->love(perl)

Comment on Re: Re: web cgi forms data security...
Replies are listed 'Best First'.
Re: Re: Re: web cgi forms data security...
by sgifford (Prior) on Dec 30, 2003 at 21:37 UTC

    That's actually easy to do. Each time the page loads, you just create a massive distributed computing project to try all possible usernames and passwords.

    Might be a little slow, though.

Log In?

What's my password?
Create A New User
Node Status?
node history
Node Type: note [id://317778]
and the web crawler heard nothing...

How do I use this? | Other CB clients
Other Users?
Others chilling in the Monastery: (5)
As of 2016-04-30 09:18 GMT
Find Nodes?
    Voting Booth?
    :nehw tseb si esrever ni gnitirW

    Results (441 votes). Check out past polls.