comment by caelum19

    That's why you have 3rd party security consultants
It's a shame the more vulnerable startups can't afford these people, my older brother joked that he'd make a 'hack' for the game I'm making as soon as it's released.

Even though he was joking I'm pretty sure he will. Which is a good thing really, much better he find an exploit than someone else. My joke twitter account could have easily been a professional one and GraemeA could have easily been someone with bad intentions.

It'd be great if there was a tool to scan github repos for things that look like keys and find unsanitized database inputs, bobby-tables.exe I'd call it.

    I'm just going to laugh when someone injects code or is able to drop a table in the "next big app".
My older brother shows me these failures all the time. They're bloody hilarious, there was this one time a Garry's Mod (pretty popular multiplayer game if you've not heard of it) server had a user function which basically just sent commands to the server. Turns out they were run with console privileges and he used it to clear all server ranks, admin himself and do a lot of trolling.




thundara  ·  3560 days ago

    It'd be great if there was a tool to scan github repos for things that look like keys and find unsanitized database inputs, bobby-tables.exe I'd call it.

I seem to recall that there is, but it's used for nefarious groups rather than for good.

Edit: Link

caelum19  ·  3560 days ago

Thanks for that link.

It was pretty nice of Amazon to drop the charges. The hackers should release their program as a paid software restricted to people's own repos for more money, hackers or not I don't mind as long as my project is safe from mistakes.
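
An added example, not part of the thread or any participant's code: a minimal sketch of the kind of scanner wished for above, meant to be run over your own checkout before pushing. The rule names, the 3.5-bit entropy threshold, the regexes and the constructed `SAMPLE` input are all assumptions chosen for illustration.

```python
import math
import re
from pathlib import Path

# Access key IDs in the documented AWS shape: "AKIA" + 16 uppercase letters/digits.
AWS_KEY_ID = re.compile(r"\bAKIA[0-9A-Z]{16}\b")
# A quoted literal of 16+ chars assigned to a secret-sounding name.
SECRET_ASSIGN = re.compile(
    r"(?i)\b\w*(?:secret|token|passw(?:or)?d|api_?key)\w*\s*[:=]\s*['\"]([^'\"]{16,})['\"]")
SQL_KEYWORD = re.compile(r"(?i)\b(?:select|insert|update|delete|drop)\b")
# execute()/query() whose first argument is an f-string, or a literal joined with %, + or .format().
DYNAMIC_SQL = re.compile(
    r"""(?:execute|query)\s*\(\s*(?:f["'].*\{|["'].*["']\s*(?:%|\+|\.format\())""")

def entropy(s):
    """Shannon entropy in bits per character; filters out obvious placeholders."""
    counts = {c: s.count(c) for c in set(s)}
    return -sum(n / len(s) * math.log2(n / len(s)) for n in counts.values())

def scan_text(path, text):
    """Return (path, line number, rule) for every suspicious line in text."""
    findings = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if AWS_KEY_ID.search(line):
            findings.append((path, lineno, "aws-access-key-id"))
        m = SECRET_ASSIGN.search(line)
        if m and entropy(m.group(1)) >= 3.5:  # threshold is an assumption
            findings.append((path, lineno, "hardcoded-secret"))
        if SQL_KEYWORD.search(line) and DYNAMIC_SQL.search(line):
            findings.append((path, lineno, "dynamic-sql"))
    return findings

def scan_tree(root):
    """Scan every file under a local checkout, skipping the .git directory."""
    findings = []
    for p in Path(root).rglob("*"):
        if p.is_file() and ".git" not in p.parts:
            findings += scan_text(str(p), p.read_text(errors="ignore"))
    return findings

# Constructed sample; the key ID is the placeholder used in AWS documentation.
SAMPLE = '''\
AWS_ACCESS_KEY_ID = "AKIAIOSFODNN7EXAMPLE"
api_token = "q9Zr4LwT8xVb2NcK7mHd"
password = "aaaaaaaaaaaaaaaaaaaa"
cur.execute("SELECT * FROM users WHERE name = '" + name + "'")
cur.execute("SELECT * FROM users WHERE name = ?", (name,))
'''

if __name__ == "__main__":
    for finding in scan_text("app.py", SAMPLE):
        print(finding)
```

The low-entropy placeholder password and the parameterized query on the last line are deliberately not flagged; pattern matching like this produces both false positives and misses, so it complements review rather than replacing it.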