Cenzic 232 Patent
Paid Advertising
sla.ckers.org is
ha.ckers sla.cking
Sla.ckers.org
How do we crash systems, browsers, or otherwise bring things to a halt, and how do we protect those things? 

Current Page: 1 of 1
Results 1 - 6 of 6
7 years ago
banshee
So, I was randomly testing security for a site and got an error containing the following SQL query: SELECT t1.title, t1.body, t1.version, MAX(t2.version) FROM pages AS t1, pages AS t2 WHERE t1.title = t2.title GROUP BY t1.title, t1.version, t1.body HAVING t1.version = MAX(t2.version) AND (t1.body LIKE '%'The part I can insert begins at the first apostraphe%' OR t1.title LIKE '%'The part I can ins
Forum: SQL and Code Injection
7 years ago
banshee
Hmmm. How about a CAPTCHA-like system? I truly can't see non-bot users causing a problem, though WP has banned Tor because of humans, not bots. Also, WP bans Tor nodes regardless of whether or not the IPs have been abusive. Personally, I find this policy shit, but w/e.
Forum: Privacy
7 years ago
banshee
Yes, when you go phishing you should be sure your site isn't vulnerable to casual users. Someone probably hacked you. It's always fun to hack the guy who's trying to phish you. :-)
Forum: Projects
7 years ago
banshee
Anonymous web remailers aren't 100% anonymous, and many are actually fed-run honeypots. You can never be 100% anonymous, but you can come fairly close. Here's how: 1) Get a good OS (e.g. OpenBSD) 1a) Make sure you have encrypted swap 2) Change your mac address (ifconfig bce0 lladr 00:00:00:00:00:00 (replace bce0 with your connection interface and 00::00 with the mac address you want) 3) Conne
Forum: Privacy
7 years ago
banshee
So, they've banned Tor, but not ckers.org? I'd suggest rooting a couple of boxes and chaining encrypted traffic through them, but you seem to be a law abiding person. Have you considered SSH accounts + Tor? You should probably get a non-UAE friend to let you use theirs, as commercial ones will be logged and might not let you use Tor. Just a thought.
Forum: Privacy
7 years ago
banshee
Just tell your bot not to send a referrer or cache stuff. Also, replacing their index would be trivial and it probably wouldn't DOS them since they have so much bandwidth. As for MySpace(tm) being secure, heh. ACTION wonders how many people break it every day.
Forum: DoS
Current Page: 1 of 1