Please hack my site, and help me improve it.

Discussions of secure PHP coding. Security in software is important, so don't be afraid to ask. And when answering: be anal. Nitpick. No security vulnerability is too small.

Moderator: General Moderators

Post Reply
condoravenue1
Forum Commoner
Posts: 30
Joined: Fri Dec 03, 2010 10:24 pm

Please hack my site, and help me improve it.

Post by condoravenue1 »

User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Re: Please hack my site, and help me improve it.

Post by s.dot »

What do you mean hack your site?
If you mean, try to intentionally break into it.. I do believe it is illegal even with permission!
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
internet-solution
Forum Contributor
Posts: 220
Joined: Thu May 27, 2010 6:27 am
Location: UK

Re: Please hack my site, and help me improve it.

Post by internet-solution »

s.dot wrote:What do you mean hack your site?
If you mean, try to intentionally break into it.. I do believe it is illegal even with permission!
Thats interesting. Have you read it somewhere?? Any reference?
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Please hack my site, and help me improve it.

Post by social_experiment »

@condoravenue1 : Google 'Penetration testing' or 'pen tests'.
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
User avatar
s.dot
Tranquility In Moderation
Posts: 5001
Joined: Sun Feb 06, 2005 7:18 pm
Location: Indiana

Re: Please hack my site, and help me improve it.

Post by s.dot »

internet-solution wrote:
s.dot wrote:What do you mean hack your site?
If you mean, try to intentionally break into it.. I do believe it is illegal even with permission!
Thats interesting. Have you read it somewhere?? Any reference?
Feyd once told me this.. he's a brilliant man. Also something about breaking into computers across state lines (I have a bad memory).

A quick google turned up this:
http://wiki.answers.com/Q/Is_hacking_legal

The other answers for googling "is hacking legal with permission" seem to be a very gray area:
http://www.google.com/search?q=is+hacki ... =firefox-a
Set Search Time - A google chrome extension. When you search only results from the past year (or set time period) are displayed. Helps tremendously when using new technologies to avoid outdated results.
User avatar
social_experiment
DevNet Master
Posts: 2793
Joined: Sun Feb 15, 2009 11:08 am
Location: .za

Re: Please hack my site, and help me improve it.

Post by social_experiment »

Yes, hacking is illegal. If it were legal, it would be called programming. If it were programming, you'd get paid for it, not arrested. Yes, most hacking is illegal.
I especially liked this answer :lol:
“Don’t worry if it doesn’t work right. If everything did, you’d be out of a job.” - Mosher’s Law of Software Engineering
User avatar
Jonah Bron
DevNet Master
Posts: 2764
Joined: Thu Mar 15, 2007 6:28 pm
Location: Redding, California

Re: Please hack my site, and help me improve it.

Post by Jonah Bron »

I think it would be legal if it belonged to you, you hacked a local copy, or you had written permission.
jarofgreen
Forum Commoner
Posts: 71
Joined: Sun Jul 11, 2010 12:40 pm

Re: Please hack my site, and help me improve it.

Post by jarofgreen »

Depends where you are of course.

Here in the UK, I've seen a talk from a pen tester so it's clearly doable. But he said they don't work in Germany cos the laws are to strict there.

Back to the original question: You should probably define this better. For instance, would you count a DOS attack as a hack? Cos if not you should really say so now before your site disappears (I do hope your not on shared hosting)
jarofgreen
Forum Commoner
Posts: 71
Joined: Sun Jul 11, 2010 12:40 pm

Re: Please hack my site, and help me improve it.

Post by jarofgreen »

Only spent 2 mins looking at it, but noticed you have directory listings enabled. You usually want to turn those off.
Kalidass
Forum Newbie
Posts: 3
Joined: Tue Dec 21, 2010 6:07 am

Re: Please hack my site, and help me improve it.

Post by Kalidass »

condoravenue1 wrote:http://tinyurl.com/2fqbcgp

Your user name field was not checking the corect string format. so first improve that
Post Reply