XP is just a number | |
PerlMonks |
Re: Perfecting index.pl some more!by rg0now (Chaplain) |
on Apr 30, 2005 at 09:54 UTC ( [id://452821]=note: print w/replies, xml ) | Need Help?? |
Ok, lately this was the second time that someone posted an entire CGI script at PerlMonks, complete with the (presumably) correct address the CGI script is (or will be) available at. (Well, actually, this is the third time. The first node was this one: Do not undertand this error message and Nik does it for the second time, too...)
In order to understand, why this is an exceptionally bad practice, you have to be aware of the basic methodology of cracking a web page. At least 90% of the work you do when you want to abuse a web site is actually gathering of relevant information:
Observe that you give all these information very nicely in your post, so you do he majority of the hard work of the attacker. And this is exactly why crackers often hang around at sysadmin forums and mailing lists: these places are invaluable sources of easy information... Do yourself a favour: only post stripped down versions of your CGI scripts and remove all sensitive pieces of data (as you did very cleverly with the passwords). This will also make it easier for other monks to consume your question by the way... Update: rephrased a bit...
In Section
Seekers of Perl Wisdom
|
|