Cracker code?

PHP programming forum. Ask questions or help people concerning PHP code. Don't understand a function? Need help implementing a class? Don't understand a class? Here is where to ask. Remember to do your homework!

Moderator: General Moderators

Post Reply
Unipus
Forum Contributor
Posts: 409
Joined: Tue Aug 26, 2003 2:06 pm
Location: Los Angeles, CA

Cracker code?

Post by Unipus »

I need to test the data security of some HTML forms that are processed by PHP and eventually inserted into MySQL. I've tested a lot of bogus values and SOME malicious code, and I've already sealed all HTML/javascript holes, but I'd like to be as thorough as possible with the server-side stuff now.

So, got any more examples of code that I could put in a textbox that would harm the server? There are a lot of forms on this site and they're handled in several different ways.
User avatar
mrvanjohnson
Forum Contributor
Posts: 137
Joined: Wed May 28, 2003 11:38 am
Location: San Diego, CA

Post by mrvanjohnson »

Might be best to get a product to do this for you. We just got done evaluating WebInspect from SpyDynamics. Not cheap, as a maater of fact very exspensive, but does a great job. We are currently trying to get approval to purchase the product. They do offer a Free-Demo but you need to talk to a sales person who will then limit the IP address range. But it does a really good job finding Cross Scripting problems and SQL injections.
Unipus
Forum Contributor
Posts: 409
Joined: Tue Aug 26, 2003 2:06 pm
Location: Los Angeles, CA

Post by Unipus »

Okay... got the files, but I guess I have to wait for the contact now.

In the meantime, if anyone has any suggestions, I'm still all ears.
Post Reply