?

Log in

No account? Create an account

Previous Entry | Next Entry

pwn3d!

In an IM conversation, even!

Tacit: "P
Tacit: s/"/:
visudo: 'DELETE FROM users--/g
visudo: I totally just XSS'd your substitute statement, cause you forgot the terminal slash.

Security is hard.

Tags:



Comments

( 4 comments — Leave a comment )
zanfur
May. 15th, 2008 12:04 am (UTC)
Except it's a SQL injection, not an XSS attack...but hey. It's the idea that counts, right?
zastrazzi
May. 15th, 2008 02:30 am (UTC)
We just call him lil Bobby Tables...

tacit
May. 15th, 2008 03:40 am (UTC)
I <3 little Bobby Tables. :)
wolfger
May. 15th, 2008 11:53 pm (UTC)
That's awesome.
( 4 comments — Leave a comment )