Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
If you have some interesting news or want to throw up a link to discuss it, here's the place. Anything is okay, even shameless vendor launches (since that is often applicable to what we work on). 

Current Page: 1 of 1
Results 1 - 3 of 3
3 years ago
doodlefish
This is my PHP Suhosin decryption tool... handy for decrypting sensitive data stored in session files / cookies. http://www.idontplaydarts.com/2011/11/decrypting-suhosin-sessions-and-cookies/
Forum: News and Links
3 years ago
doodlefish
A nice bypass for PHPCaptcha and Securimage was posted to full disclosure a few hrs ago. http://seclists.org/fulldisclosure/2011/May/417 Proof of concept code can be downloaded from http://www.senseofsecurity.com.au/advisories/SOS-11-007.zip
Forum: Robots/Spiders/CAPTCHAs, oh my
4 years ago
doodlefish
There seem to be a lot more sites starting to use MongoDB - its got a nice PECL driver which enables you to link it into PHP quite easily. Quite misleadingly a page states on the offical mongoDB site says: "Generally, with MongoDB we are not building queries from strings, so traditional SQL Injection attacks are not a problem." In PHP queries are passed in as objects. eg. $db-&g
Forum: SQL and Code Injection
Current Page: 1 of 1