No, as it is interpreted on the server-side and the results are sent to the user. If you want to view the source code of a site you control in-browser, consider the FirePHP extension for Firebug, or just access your site files with your preferred method.
When Firefox web browser checks a security certificate, it also checks with the issuing authority if the certificate is valid. It appears that, near a certificate’s expiration date, the issuing authority may release a new certificate. The two certificates have conflicting expiration dates. For reasons unknown, this caused Firefox to report a sec_error_revoked_certificate error and … Read more
It drops the students table. The original code in the school’s program probably looks something like This is the naive way to add text input into a query, and is very bad, as you will see. After the values from the first name, middle name textbox FNMName.Text (which is Robert’); DROP TABLE STUDENTS; –) and the last name textbox LName.Text (let’s … Read more
This is specific for each site. So if you type that once, you will only get through that site and all other sites will need a similar type-through. It is also remembered for that site and you have to click on the padlock to reset it (so you can type it again): Needless to say … Read more
I assume that those crawlers are looking for auth_user_file.txt because its name is probably given in some tutorial for Apache’s mod_authn_file module; when an admin makes the mistake of putting the file in the webserver’s DOCROOT, then it is free for downloading by anyone who asks. Once an attacker downloads the file, they can brute-force the password hashes, and gain … Read more
Tom Scott explains this in his YouTube video: http://a/%%30%30 is decoded as http://a/%00 because %30 is 0 http://a/%00 is then further decoded by another piece of code as http://a/<NULL> because %00 is the NULL character The bug was originally demonstrated by Andris Atteka who simply added a null character to the string.
What is the simplest way of doing two way encryption in common PHP installs? I need to be able to encrypt data with a string key, and use the same key to decrypt on the other end. The security isn’t as big of a concern as the portability of the code, so I’d like to … Read more
SHA1 is a cryptographic hash function, so the intention of the design was to avoid what you are trying to do. However, breaking a SHA1 hash is technically possible. You can do so by just trying to guess what was hashed. This brute-force approach is of course not efficient, but that’s pretty much the only way. So to … Read more
Use a random number generator designed for cryptography. Then base-64 encode the number. This is a C# example:
I was trying to update libc in our Ubuntu server but it failed and now when I reboot the server I get a error message: Kernel panic – not syncing – Attempted to kill init! and it just hangs. What is the solution to this problem? The server is used by 10 people so I … Read more