 | Forum Threads |  |
| Random Photo | |
| Member Poll | |
|
| Comments |
on March 22 2010 23:04:58
Looking at the + and - columns, I'm guessing that this is hilarious, but we just don't get it.  |
on March 22 2010 23:18:44
Or it's not hilarious and we don't get it. 
Or the minus is used as a blank vote  |
on March 23 2010 00:34:18
Well, maybe some explanation is in order; an SQL injection is basically someone trying to gain access to a SQL database via user input fields, such as this comment box I'm writing in at the moment. If user input is accepted as is and inserted in the database directly, you might allow a user to write some espace characters like \\\\\\\ wich escape the last character entered, and then eventually being able to execute some command that destroy the database, or make the hacker admin or some such undesirable thing.
In this case, the intention seems to be to hack traffic cameras
(which is not to be taken seriously) |
on March 23 2010 15:21:52
A semi-colon ends an SQL statement. Now, if I enter something with a semi-colon into, say the shout box, and this is saved straight to the database (which it would be if it wasn't coded very well), then the database would stop saving the shout at the semi-colon, and presume that whatever came next was an actual SQL statement.
If that was, say 'DROP DATABASE gongumenn', and I guessed the database name correct, then the entire site would vanish in a puff of smoke.
'Tablice' is Polish for 'license plate'. |
|
|
| Post Comment | |
Please Login to Post a Comment.
|
|
|
| Login | |
Forgotten your password? Request a new one here.
|
| | 
| Last Seen Users | |
| Obituaries | |
You must login to post a message.
|
| |
|
fun
