Search Results

Search found 629 results on 26 pages for 'hacking'.

Page 8/26 | < Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >

  • Palm webOS CSS Targeting Hack?

    - by Tom
    Although it is not good practice, I am looking for a CSS hack to target Palm webOS. The problem is that Safari 3+ is awesome, and I can do some things like gradient background animations on text, but only in Safari. Right now I use @media screen and (-webkit-min-device-pixel-ratio:0) {} and it works like a charm, no Opera, Firefox, or whatever, because if I set the background to the image as I do in Safari they will all be ruined. But Palm's browser is based on webkit, and it uses the rules inside, and Palm's browser doesn't support text backgrounds so all I get is the image moving, no text. I would prefer a CSS hack, but if need be a Javascript one will do.

    Read the article

  • My site was recently attacked. What do I do?

    - by ChrisH
    This is a first for me. One of the sites I run was recently attacked. Not at all an intelligent attack - pure brute force - hit every page and every non-page with every extension possible. Posted with garbage data to every form and tried to post to some random urls too. All tod, 16000 requests in one hour. What should I do to prevent/alert this kind of behavior? Is there a way to limit the request/hr for a given ip/client? Is there a place I should be reporting the user to? They appear to be from China and did leave what seems like a valid e-mail.

    Read the article

  • how to send keystrokes to maplestory?

    - by blood
    hi i play a game called maplestory because a LOT of my friends do and i want to talk to them online and they will only chat on maplestory because they are playing it. i would like to build a program that will send my chats to maplestory and it will be a small little chat window because i can't do much well im chatting on Maplestory. i have tryed sending my fake input to maplestory but their anti-hack shield blocks it, i can't find a way by it with out running a by pass to their anti-hack shield which i don't really want to do :( so i need a way to send stuff by so i can chat. please don't tell me to use a by pass i really would like to find a way to leave it running. also i only really need keyboard input not really the mouse because to chat you only have to hit enter then type text then enter to send, but hey it might come in useful. also if the way only works for the top window i can just make something that swhitchs back and forth.

    Read the article

  • How can a hacker put a file on my server root (apache, php, 1and1)

    - by mike-sav
    Hi there, I have a site hosted on 1and1 and a couple of weeks ago I noticed a hacker had put a .php file on the server that when viewed in a browser exposed my DB schema, DB connection strings, FTP account (for file uploads using a form), etc, etc. Naturally I panicked and I wiped the server and reuploaded my files. Fortunatley I encrypt passwords using MD5 and I don't store things like credit card details, etc, etc. Now I checked my files and with all user input I use a clean function (htmlentities, sql_real_escape_string, etc, etc) that strips the input of any XSS or SQL injection. I have also made sure that the session key gets re-engineered when a user status changes (like they log into their account) to prevent session hijacking, my folder permissions are set to 755 and file permission are 644. Has anyone got any idea how this could have happened? Or if I'm missing something

    Read the article

  • Limit URL Parameter Length in Web.Config

    - by Alex
    Is it possible to add some kind of restriction to the web.config to limit URL parameter length? I want to prevent people at the earliest possible point from submitting too large URL parameters so the server doesn't get taxed more than necessary in the event that somebody tries to "attack" it with large invalid URL parameters.

    Read the article

  • Got Hacked. Want to understand how.

    - by gaoshan88
    Someone has, for the second time, appended a chunk of javascript to a site I help run. This javascript hijacks Google adsense, inserting their own account number, and sticking ads all over. The code is always appended, always in one specific directory (one used by a third party ad program), affects a number of files in a number of directories inside this one ad dir (20 or so) and is inserted at roughly the same overnight time. The adsense account belongs to a Chinese website (located in a town not an hour from where I will be in China next month. Maybe I should go bust heads... kidding, sort of), btw. So, how could they append text to these files? Is it related to the permissions set on the files (ranging from 755 to 644)? To the webserver user (it's on MediaTemple so it should be secure, yes?)? I mean, if you have a file that has permissions set to 777 I still can't just add code to it at will... how might they be doing this?

    Read the article

  • Testing for security vulnerabilities on web applications

    - by Moak
    A lot of companies use CMS software that updates on the regular, often they are security fixes, implying that the previous version have security vulnerabilities. But most clients never upgrade this, or even the CMS has been modified so that an update would break the site. Are there sites that document these exploits, and instruct how to test for them? Or does this information not even get published? (in order not to have people try to exploit them) Also is there a generic php/js based check list to prevent hack attempts? I know about SQL injections and XSS, but I'm sure that there are more threats out there. Peace

    Read the article

  • How to hack your own website

    - by Saif Bechan
    I am in late testing phase of my web application. The application will be tested at a larger scale now. During this time I want to try and hack my own system and application with some tools, scripts, etc. Mostly some code I can try and execute in the browser. I have backups for the whole system so even down to the kernel can be hacked. My system is nginx,apache,php,mysql on Linux CentOS.

    Read the article

  • How to prevent arbitrary code execution vulnerability in our programs?

    - by Calmarius
    You always read in changelogs when your system or browser or any program updates that they fixed a bug that made possible that an attacker can execute any code in your computer with a forged website, or attacking your computer with carefully forged packets, etc... Because you read it so often that means any program can have similar vulnerabilites... What causes this? how to design our programs to prevent similar issues?

    Read the article

  • PHP - What to store in a session?

    - by eWolf
    I know about all the issues with session fixation and hijacking. My question is really basic: I want to create an authentication system with PHP. For that, after the login, I would just store the user id in the session. But: I've seen some people do weird things like generating a GUID for each user and session and storing that instead of just the user id in the session. Why? The content of a session cannot be obtained by a client - or can it?

    Read the article

  • Inter process communication C# <--> C++ for game debugging engine.

    - by Andy
    I am working on a debugger project for a game's scripting engine. I'm hoping to write the debugger's GUI in C#. The actual debugging engine, however, is embedded in the game itself and is written in a mixture of C, C++, and assembly patches. What's the best way to handle communication between the debugger GUI and the debugging engine? The two will be running in separate processes. Thanks! Andy

    Read the article

  • Cookiless Session Is it a security risk?

    - by Costa
    Hi http://msdn.microsoft.com/en-us/library/aa479314.aspx You have a user who successfully log in from a machine in Cybercafe, Hacker H able to sniff the network and get the sessionID of the user, Can H use the sessionId and act as the user from another machine? Can H enter http://folder/(session id)/CreditCardInformation.aspx to know the credit card number of the user?

    Read the article

  • How do I react when somebody tries to guess admin directiories on my website?

    - by Konstantin
    Hello! I've been getting these messages in apache error.log for quite a while: [client 217.197.152.228] File does not exist: /var/www/phpmyadmin [client 217.197.152.228] File does not exist: /var/www/pma [client 217.197.152.228] File does not exist: /var/www/admin [client 217.197.152.228] File does not exist: /var/www/dbadmin [client 217.197.152.228] File does not exist: /var/www/myadmin [client 217.197.152.228] File does not exist: /var/www/PHPMYADMIN [client 217.197.152.228] File does not exist: /var/www/phpMyAdmin And many more different addresses. Looks like somebody is trying to guess where my admin applications are located. What should I fear in this situation, and what a knowledge of my admin addresses can give to attacker, if everything is password protected?

    Read the article

  • Detecting suspicious behaviour in a web application - what to look for?

    - by Sosh
    I would like to ask the proactive (or paranoid;) among us: What are you looking for, and how? I'm thinking mainly about things that can be watched for programaticaly, rather than manually inspecting logs. For example: - Manual/automated hack attempts - Data skimming - Bot registrations (that have evaded captcha etc.) - Other unwanted behaviour Just wondering what most people would consider practical and effective..

    Read the article

  • How do game trainers change an address in memory that's dynamic?

    - by GameTrainersWTF
    Lets assume I am a game and I have a global int* that contains my health. A game trainer's job is to modify this value to whatever in order to achieve god mode. I've looked up tutorials on game trainers to understand how they work, and the general idea is to use a memory scanner to try and find the address of a certain value. Then modify this address by injecting a dll or whatever. But I made a simple program with a global int* and its address changes every time I run the app, so I don't get how game trainers can hard code these addresses? Or is my example wrong? What am I missing?

    Read the article

  • How do game trainers change a address in memory thats dynamic?

    - by GameTrainersWTF
    Lets assume i am a game and i have a global int* that contains my health. A game trainers job is to modify this value to whatever in order to achieve god mode. I've looked up tutorials on game trainers to understand how they work, and the general idea is to use a memory scanner to try and find the address of a certain value. Then modify this address by injecting a dll or whatever. But i made a simple program with a global int* and its address changes every time i run the app, so i don't get how game trainers can hard code these addresses? Or is my example wrong? What am i missing?

    Read the article

  • Cookiless Session Is it a security

    - by Costa
    Hi http://msdn.microsoft.com/en-us/library/aa479314.aspx You have a user who successfully log in from a machine in Cybercafe, Hacker H able to sniffer the network and get the sessionID of the user, Can H use the sessionId and act as the user from another machine? Can H enter http://folder/(session id)/CreditCardInformation.aspx to know the credit card number of the user. Thanks

    Read the article

  • Using directory traversal attack to execute commands

    - by gAMBOOKa
    Is there a way to execute commands using directory traversal attacks? For instance, I access a server's etc/passwd file like this http://server.com/..%01/..%01/..%01//etc/passwd Is there a way to run a command instead? Like... http://server.com/..%01/..%01/..%01//ls ..... and get an output? EDIT: To be clear here, I've found the vuln in our company's server. I'm looking to raise the risk level (or bonus points for me) by proving that it may give an attacker complete access to the system

    Read the article

  • How to make an unit test always pass?

    - by brain_damage
    Let's assume someone has to write a solution to a problem and I have to test his solution with some tests. Is it possible (maybe with reflections or something) his program to pass all my tests, but to have nothing in common with the real solution to the problem?

    Read the article

< Previous Page | 4 5 6 7 8 9 10 11 12 13 14 15  | Next Page >