SQL Injection, APIfication, Random, Algolia, Profitable Side Project
Post date: Mar 31, 2014 4:03:04 PM
During the week I just made my first SQL Injection Attack Exploit against a live production system, and it worked just beautifully. It's horrible how common these serious flaws are. Of course I have known about SQL Injections for ages, and even used similar methods to exploit IRC scripts over 20 years ago. But this was the first time I had time to play for a while with a probably exploitable system, and I was successful. I was able to fetch user names and passwords from the site. Also see the OWASP SQL Injection documentation. And the very classical XKCD.
Reminded myself about Crunch Mode, and how damaging it can be to productivity in the long term, and how much mental energy it consumes. And what the long-term consequences are, even if it feels like great productivity in the short term and if quality issues and other hassle caused are ignored.