this post was submitted on 24 Jan 2024
390 points (98.5% liked)

Cybersecurity - Memes

2015 readers
1 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago
MODERATORS
 
you are viewing a single comment's thread
view the rest of the comments
[–] [email protected] 179 points 11 months ago (18 children)

How to say you're vulnerable to code injection without saying you're vulnerable to code injection.

[–] [email protected] 30 points 11 months ago* (last edited 11 months ago) (13 children)

Are they vulnerable though, if they already exclude it at the user input?

I yet have to learn SQL and is there a way to allow passwords with '); DROP TABLE... without being vulnerable to an injection?

nevermind i googled it, and there various ways to do so

[–] [email protected] 10 points 11 months ago (4 children)

No one in their right mind is storing plain text passwords, or letting them anywhere near the database.

You convert the password to a hash, and store that. And the hash will look nothing like the password the user typed.

[–] usefulthings 3 points 11 months ago

Lol. Yes, people do still build systems and store plain text passwords. I regularly get scammers sending me my throwaway passwords from crappy sites. Good thing I never reuse passwords, or email addresses.

load more comments (3 replies)
load more comments (11 replies)
load more comments (15 replies)