phpBB Academy at StarTrekGuide

phpBB3 MODs and Styles Development - Olympus MOD Database - phpBB programming Academy

Skip to content

[Security Lesson] Find the Vulnerability and Exploit :: 2

Learn about Security for code and servers. Learn how to secure your site and your code. Learn about hacking prevention, finding and identifying exploits, and recognising vulnerabilities. Plus, Weekly Security tips and Tutorials.
Forum rules
Post questions related to security, analyse and learn about vulnerabilities and exploits within code to protect yourself against hackers.
Post a reply

Re: [Security Lesson] Find the Vulnerability and Exploit :: 2

Postby Obsidian » 16 Mar 2009, 13:36

Spoiler:
Gah, I totally missed that missing {, but oh well. That's not really security related though.

I'm wondering how many more of these security lessons we can get. These are kinda fun. :)
うるさいうるさいうるさい!

StopForumSpam Spam Reporting Database
Giving xrumer and friends a great big "screw you" since 2007.
User avatar
Obsidian     Damian
Supporter
Supporter
 
Posts: 2250
Joined: 04 Mar 2008, 23:35
Gender: Male
phpBB Knowledge: 10
Top
Advertise on StarTrekGuide/phpBB Academy



phpBB Academy at StarTrekGuide
Support STG
Using PayPal Donate

Re: [Security Lesson] Find the Vulnerability and Exploit :: 2

Postby Techie-Micheal » 16 Mar 2009, 18:47

Spoiler:
I don't know what David has planned, but I can come up with a few as well. :)
Techie-Micheal     Bob
STG Development
STG Development
 
Posts: 63
Joined: 26 Oct 2007, 21:35
Gender: Male
phpBB Knowledge: 10
Top

Re: [Security Lesson] Find the Vulnerability and Exploit :: 2

Postby Typo » 21 Feb 2010, 01:02

How fun :grin:

Spoiler:
I see improper use of cookies to prove credentials which would allow anyone who can edita file using notepad to act as an admin and I also see an un-sanitized call to the superglobal _GET for 'ID' being used which is a very bad idea unless you like being open to XSS exploits.


Thanks for the distraction.

Typo
User avatar
Typo     Jeremy
phpBB Team Member
phpBB Team Member
 
Posts: 57
Joined: 21 Jan 2009, 04:37
Location: USA
Gender: Male
phpBB Knowledge: 6
Top
Previous
Post a reply

Return to Security Class

Who is online

Users browsing this forum: No registered users and 2 guests

Advertise on StarTrekGuide/phpBB Academy


Support STG Using PayPal Donate
Powered by phpBB © 2000, 2002, 2005, 2007 phpBB Group
© 2006 StarTrekGuide / phpBBAcademy

Time : 1.390s | 17 Queries | GZIP : On