Type: Posts; User: niggles; Keyword(s):
-
March 12th, 2009 02:08 AM
The one thing the (quite old) article at WebmasterWorld doesn't say is always sanitise the user input or your database will be open to SQL Injection i.e
$userName =...
-
December 1st, 2008 01:29 AM
There's no SSH access and it has to be an automatic process as the files are uploaded by the client through a Java-based FTP applet. I then need to strip out bad characters from the filenames after...
-
November 28th, 2008 02:57 AM
Hi,
I've been Googling my butt off and still found no satisfactory answer to this, so maybe there's someone here who can help.
I'm on a shared hosting environment and this can't change as it's...
-
October 22nd, 2008 02:57 AM
To the best of my knowledge, if you are using https you need to call all assets as https or you will get that message about mixed secure and insecure items. Calling an asset straight http will make...
-
August 15th, 2008 03:04 AM
I took a screengrab when it happened this morning. It looks so nicely formatted it's so very tempting to click it :-)
It's possible it may be legit, but whether or not Adobe recommends only...
-
August 13th, 2008 05:52 AM
For the last few days on Facebook I've been getting a message that my Flash Player is out of date and I need to update it. This happens on lots of pages, not just particular pages with user-uploads...
-
They bought it second hand, so it could already have had it installed.
On the first page of this thread there are a couple of Trojans mentioned too which can open up these ports and/or install VNC...
-
I've used this Java applet to let clients upload files to our work website -
http://www.javaatwork.com/ftp-java-upload-applet/details.html
It's an FTP client so it allows large files that...
-
Since turning off VNC ports it's stopped happening. They did run a number of virus checkers and one of them picked up some possible virii, but as it costs money, they decided not to proceed any...
-
When I first spoke to them, they said they replaced the mouse with a wireless one in case it was a problem with the mouse. But it's quite possible the first mouse was also wireless.
They do use...
-
It turns out virtually all VNC and Remote Desktop options were on and the Firewall was allowing them through. They're all turned off now.
They said when the mouse moved it moved really quickly and...
-
All good questions - I'll ask tonight when I give them a ring - Dad at least understands what I'm trying to talk to him about when it comes to computers :-)
Cheers.
-
Hihi,
My parents' computer running XP has started acting strangely. Unfortunately I can't see it in action as they're in a different state, but they say every now and then the mouse will start...
-
There's a dissection of PHPBB3 capture breaking here as well as previous blog entries explaining the whole "floodfill" thing to break CAPTCHAs ->
http://www.darkseoprogramming.com/category/captcha/...
-
April 28th, 2008 03:52 AM
There's a script here that will look for subdomains : http://www.edge-security.com/subdomainer.php
They also have heaps of other cool tools for Pentesting.
Cheers,
Niggles
-
Instead of a CAPTCHA I use 2 extra fields to detect bot-behaviour.
One is "email_again" with CSS display set to "none" -> if this is filled in it's likely to be a bot filling every form.
The...
-
Google "how to build a website" or similar to get some tutorials as a complete lesson on building a website is probably beyond the scope of this forum. Heck, after building them myself for 10 years...
-
March 25th, 2008 02:29 AM
I had a play around with it when I first got a Bluetooth enabled phone 12 months ago, but didn't find any vulnerable devices after a month or so and erased it. It seems even here in Aussie-land the...
-
March 20th, 2008 02:36 AM
I find it's useful for letting characters such as ' or " be entered into comment fields or in CMS backend without risk of terminating the SQL command.
-
March 20th, 2008 02:32 AM
Ouch - I use VLC for playing .avi files on my Mac!
-
March 11th, 2008 03:23 AM
I find that mysql_real_escape_string works the best as no matter what they put in or how you escape things it's not going to break the query.
The other thing is to surround the column name with...
-
February 24th, 2008 09:25 PM
SirDice - Sent you a PM with a link to see the code.
We ended up just wiping the server and re-installing a clean backup of the site minus the areas we felt may have been the vulnerable entry...
-
February 22nd, 2008 01:40 AM
Hi,
One of our clients' servers was hacked overnight (it appears through a vulnerability in the Sphider script we used) and a "Hacked By kangkung Indonesian Hacker" placed on the front page + a...
-
February 5th, 2008 10:07 PM
Yes, it's a Dell Laptop running Vista. I looked at Internationalisation settings and keyboard setup, but none seem to enable the shortcut. The fact that a similar model had it working by default...
-
February 5th, 2008 01:30 AM
Hi,
I'm a Mac person and I've tried finding a solution to this with no luck so far.
On our new work PC running Vista and my girlfriend's old Win 98 box, you can do ü and é type characters by...