Blog Home

Posts tagged with “Security”

How I hacked Digg

Two weeks ago I filed a bug report on, explaining several XSS vulnerabilities and bugs I found. Some of these were (and some still are!) very critical. A day later, I got an automated response to my report:

We’ve contacted our development team who are investigating the issue, and will fix it as soon as possible.

All well and good I thought, but when a few days ago all vulnerabilities were still there, I decided to exploit one of them.

Read complete post »

Wednesday, June 4th 2008 / Comments (34)

Automatic Escaping of SQL Parameters

Escaping of SQL parameters in PHP is an needlessly tedious and error-prone process. Calling the right escaping function for every parameter that might be dangerous is a difficult task in a big project. This is just dangerous and calls for SQL-Injection-Attacks.

It’s obvious we need a uniform query function that automatically does the escaping for us. Perl-style parameter binding seems to be just the right choice. You can write your query, insert placeholders in the form of :n and pass the parameters to our function. The function automatically detects the datatype of the parameter for us and escapes it if needed.

    'SELECT posts 
        FROM blog 
            status = :2
            AND created = :1',

Read complete post »

Tuesday, August 21st 2007 / Comments (4)