|
-
October 29th, 2008, 04:07 PM
#5
 Originally Posted by Slartarama
That is what the author was saying, that by using MD5() on the username and password, that it was doing the filtering, which is why there could be no SQL injection.
Wrong.
I don't know if it sounds kosher to me, but it seems that encrypting the username and password fields would actually work, I don't know.
Unless you add your own salt...
All its going to do is slow people down from one defacement per thirty seconds to one defacement every thirty minutes. At that point, either way you've got little pink kittens dancing on your homepage.
Similar Threads
-
By mikester2 in forum Other Tutorials Forum
Replies: 5
Last Post: January 31st, 2005, 01:16 PM
-
By ch4r in forum Other Tutorials Forum
Replies: 5
Last Post: January 18th, 2005, 08:20 AM
-
By spools.exe in forum Microsoft Security Discussions
Replies: 0
Last Post: September 15th, 2003, 09:47 PM
-
By CXGJarrod in forum Microsoft Security Discussions
Replies: 0
Last Post: July 23rd, 2003, 10:00 PM
-
By s0nIc in forum AntiVirus Discussions
Replies: 2
Last Post: January 27th, 2003, 12:23 PM
Tags for this Thread
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|
Reply With Quote