Re: Re: Encrypting Largish Files


Keep It Simple, Stupid
	PerlMonks

Re: Re: Encrypting Largish Files

by willdooUK (Beadle)

on Sep 24, 2001 at 14:35 UTC ( [id://114275]=note: print w/replies, xml )

Need Help??

in reply to Re: Encrypting Largish Files
in thread Encrypting Largish Files

"Passord" isn't an english word ;)

My co-worker told me about a program he wrote in his hacking days which tried a brute force assault on a server over http, giving a name and password from a list of first names.

Apparently a lot of people use their first name for both their username and password - so all you need is a list of popular first names....

How about hard-coded passwords - can anyone comment on the security of having an admin password written into a cgi script?

I put an admin section into a site, which is based around a single cgi script. The password for using the admin controls is held as a scalar in the cgi code, and I'm hoping thats pretty safe (because the server will always execute that script and not list it to the browser). Am I fooling myself?

willdooUK
--------------
"Home is a castle you built in my mind; I'm home anywhere, anytime."
Donny Hathaway

Comment on Re: Re: Encrypting Largish Files

Replies are listed 'Best First'.

Re: Re: Re: Encrypting Largish Files
by blakem (Monsignor) on Sep 24, 2001 at 23:15 UTC

GET http://whatever.com/cgi-bin/some.cgi?file=../cgi-bin/someother.cgi
[download]

-Blake

[reply]
[d/l]

In Section Seekers of Perl Wisdom

Domain Nodelet^?

www.com | www.net | www.org

Node Status^?

node history
Node Type: note [id://114275]
help

Chatterbox^?

How do I use this? • Last hour • Other CB clients

Other Users^?

Others avoiding work at the Monastery: (2)

As of 2024-04-19 21:31 GMT

Sections^?

Information^?

Find Nodes^?

Leftovers^?

Today I Learned

Voting Booth^?

No recent polls found