Hacker News
new
|
past
|
comments
|
ask
|
show
|
jobs
|
submit
login
rmc
on Nov 8, 2011
|
parent
|
context
|
favorite
| on:
Security researcher Charlie Miller booted from App...
You don't need to "take over someone's site" to prove that their site has a SQLI vector, just put in a little string somewhere.
mike-cardwell
on Nov 8, 2011
[–]
In the UK, using SQL injection to "put a little string somewhere" would be illegal.
rmc
on Nov 8, 2011
|
parent
[–]
Oh probably. But I'm pointing out that you can demonstrate a SQLI attack without having to completly take down someone's site.
Consider applying for YC's Spring batch! Applications are open till Feb 11.
Guidelines
|
FAQ
|
Lists
|
API
|
Security
|
Legal
|
Apply to YC
|
Contact
Search:
