Cybersecurity - Memes

1964 readers

2 users here now

Only the hottest memes in Cybersecurity

founded 1 year ago

MODERATORS

Sam1232188@lemmy.world

neurohost@lemmy.world

Sam1232188@lemmy.fmhy.ml

Alphadef@programming.dev

CannaVet@lemmy.world

391

Your password must also not contain the following character combinations: script, select, insert, update, delete, drop, --, ', /*, */. (lemmy.world)

submitted 9 months ago by ABasilPlant@lemmy.world to c/cybersecuritymemes@lemmy.world

59 comments fedilink hide all child comments

you are viewing a single comment's thread
view the rest of the comments

[–] ArbitraryValue@sh.itjust.works 179 points 9 months ago (18 children)

How to say you're vulnerable to code injection without saying you're vulnerable to code injection.

[–] tryptaminev@feddit.de 30 points 9 months ago* (last edited 9 months ago) (13 children)

Are they vulnerable though, if they already exclude it at the user input?

I yet have to learn SQL and is there a way to allow passwords with '); DROP TABLE... without being vulnerable to an injection?

nevermind i googled it, and there various ways to do so

[–] emergencyfood@sh.itjust.works 10 points 9 months ago (4 children)

No one in their right mind is storing plain text passwords, or letting them anywhere near the database.

You convert the password to a hash, and store that. And the hash will look nothing like the password the user typed.

[–] usefulthings@lemmy.world 3 points 9 months ago

Lol. Yes, people do still build systems and store plain text passwords. I regularly get scammers sending me my throwaway passwords from crappy sites. Good thing I never reuse passwords, or email addresses.

load more comments (3 replies)

load more comments (11 replies)

load more comments (15 replies)