Block SQL Injection

Cliff Wells cliff at develix.com
Thu Apr 21 07:31:43 MSD 2011


On Wed, 2011-04-20 at 20:07 -0700, Payam Chychi wrote:
> I was easy... So you would use some admins stupidity to backup 23
> years of experience? 

The fact that it happened to be the admin who was inept only made the
attack simpler and more direct. It could have been any user's account. 

Any and all information is valuable in compromising a system. Databases
are not only a source, but often the primary source of such
information. 

> That makes no sense to me but hey its ok, its the
> internet after all

Yes, I'm aware it's often a veritable race to the bottom, no need to
demonstrate.

> Hope you find an answer to your problem

I don't have any problems that I've aired in this thread, but thanks.

Cliff





More information about the nginx mailing list