florin_darck

Bine ai (re)venit !

The researcher once known as Rain Forrest Puppy explains how he discovered the first SQL injection more than 15 years ago. SQL injection has become the scourge of the Internet era. Year after year, it is cited as one of the top security vulnerabilities on the Internet, responsible for countless data breaches. Jeff Forristal, also known by the alias Rain Forrest Puppy, was one of the first people to ever document SQL injection. Forristal, now the CTO of mobile security vendor Bluebox Security, wrote the first public discussion about it, back in 1998. In a video interview with eSecurity Planet, Forristal discusses how he chose his alias and how he first came across SQL injection. Back in December of 1998, Forristal was writing about how to hack a Windows NT server and found something out of the ordinary. At that time in the late 1990s, few websites were using full Microsoft SQL server databases, he said. Instead many used simple Microsoft Access-based databases. "I can completely change the way SQL works," Forristal said. "At that point, there were no real security properties fronting a database." Even after all these years, Forristal is not surprised that SQL injection remains a large security concern. "Certainly [sql injection] is still there," Forristal said. "From the perspective that it's still prolific, yeah it's an interesting problem, but core vulnerability classes are prolific in many places anyway." Watch the full video interview with Jeff Forristal below: http://c.brightcove.com/services/viewer/federated_f9?width=425&height=344&flashID=myExperience2866308721001&bgcolor=#FFFFFF&playerID=2387428403001&playerKey=AQ~~,AAAAE9-JbIE~,kp-fJ_AakbJwhLDQD27rR7clAKeyf6c-&isVid=true&dynamicStreaming=true&@videoPlayer=2866308721001&autoStart=&debuggerID=&startTime=1385482527330 Source : http://esecurityplanet.com

Pharrell Williams - Happy

Ce frumos explica

Ceva de citit : Security and Open Redirects

Se face la sfarsitul lunii noiembrie, sau la inceputul lunii decembrie !

Yahoo bugbounty: Hackerone, Inc, sent you $592.00 USD - s-au facut oameni seriosi

A bug bounty program for the internet! #internetbugbounty https://hackerone.com/ibb

Ti-au gresit twitter-ul

Yahoo! has awarded you a $592 bounty for bug ****329. Not bad

' or 1=1 limit 2,1-- -

Sper ca si-au pregatit un buget mare pentru bugbounty PS: flash XSS chiar acum

Parca vad ca luam toti duplicate Asta care l-am gasit eu face figuri.. nu sare mereu

Exact acum am gasit si eu unul in mail. Sper sa nu fie tot al tau.

De acord cu GarryOne !

http://www.youtube.com/watch?v=tSlEJutW0gs

Exact acelasi raspuns l-am primit si eu pentru un Flash XSS

PArerea mea: Vrei sa-ti bage tie cineva shell prin LFI ca tu nu reusesti ps: Daca tot vrea sa dea deface, tare greu era un deface via stored xss in admin panel

Palestinian hackers of KDMS Team, the ones that have defaced numerous high-profile domains over the past days through DNS poisoning, have hijacked metasploit.com, the website dedicated to the popular penetration testing software Metasploit. They've also defaced Rapid7's website, rapid7.com. “Hello Metasploit. After whatsapp, avira, alexa, avg and other sites we was thinking about quitting hacking and disappear again! But we said: there is some sites must be hacked. You are one of our targets. Therefore we are here,” the hackers wrote on the defaced websites. “And there is another thing. Do you know Palestine? There is a land called Palestine on the earth. This land has been stolen by Zionist. Do you know it? Palestinian people has the right to live in peace Deserve to liberate their,” they added. It’s uncertain at this point if the hackers have really hacked Metasploit.com and Rapid7.com or if this is another case of DNS hijacking. It’s most likely the second variant. In any case, I’ve reached out to Rapid7 to find out exactly. The post will be updated when they respond to my inquiry. Updated to add that Rapid7's website has also been defaced. Sursa: Latest News

OFF: Nu-ti lasa numarul aici.. Celor interesati zi-le sa-ti ceara numarul pe pm