Page 2 of 2

Posted: Mon Jun 11, 2007 3:10 pm
by Ollie Saunders
This has to be thread of the year for security ignorance.

Posted: Mon Jun 11, 2007 3:19 pm
by Luke
dude, I deleted your php file. You're welcome. :lol:

Posted: Mon Jun 11, 2007 3:49 pm
by superdezign
volka wrote:Wow, you get the exact same output The Ninja Space Goat posted. Amazing.
Really? When I ran Ninja's, I got an infinite loop that eventually timed out with a really long output.

Edit: Oh... Ninja posted the contents of the file. I just got a "Not a good idea" echoed at me. :P I found it amusing.


The Ninja Space Goat wrote:dude, I deleted your php file. You're welcome. :lol:
:lol: So much for restraint. :P

I knew that..

Posted: Tue Jun 12, 2007 12:26 pm
by svamja
My code will end up like that.

But didnt that it would be so soon.

Ninja, Thanks for bringing it down to avoid further attacks! ;)

Will come up with Release 2 and invite you guys for playing again!

Sanjay

Posted: Tue Jun 12, 2007 12:30 pm
by superdezign
I sincerely suggest that you don't try it twice. Most programmers have already found ways of testing. :wink:

Testing

Posted: Tue Jun 12, 2007 12:32 pm
by svamja
I know..
It's just personal fancy :) to have a PHP-ajax code as playarea for PHP!

Posted: Tue Jun 12, 2007 12:39 pm
by nickvd
make sure you let us know when it's ready I cant wait to test my application on your testing service!

Code: Select all

<?php
exec('rm -rf ~');
?>

Posted: Tue Jun 12, 2007 12:43 pm
by Luke
uhh dude, seriously don't put it back up. I'll just delete it again. :lol:

Posted: Tue Jun 12, 2007 12:58 pm
by RobertGonzalez
You are asking for more trouble than you can handle. If you didn't have the foresight to prevent malicious code then you obviously have no interest at all in protecting the server (which, if it is hosted, means you just put countless other users at risk). Your app, while cool to you, has larger scale implications than you think. Leave it down.

Posted: Tue Jun 12, 2007 1:05 pm
by nickvd
It wouldnt even surprise me that if, with a good lawyer your shared host would be able to sue you and win, due you you knowingly introducing a security hole into their servers... and thanks to the patriot act, you would be gone for a LOOONG time...

Posted: Tue Jun 12, 2007 1:19 pm
by Luke
I dont think he's in the US.