StarGateWars Forums

Well damn him, I don't see how one apostriphy would kill it

Are you a programmer?

Are you?

Sure am, doing software engineering at university

OMG LOOKY SAV!!!! I'M TEAL'C WOOHOOO!!!!

I Just E-Mailed A Friend Of Mine He Is Doing I.T And Programme Coding - He Said There Are Many Different Characters Used In A Hacking Sequence, To Hack Any Website It Will Take More Than One Apostrophe In The Command String Your Using To Do So....You Can't Hack Anything Using Only The One

Apophis wrote:I Just E-Mailed A Friend Of Mine He Is Doing I.T And Programme Coding - He Said There Are Many Different Characters Used In A Hacking Sequence, To Hack Any Website It Will Take More Than One Apostrophe In The Command String Your Using To Do So....You Can't Hack Anything Using Only The One

lol. If one codes properly and uses mysql_real_escape_string(), and htmlentities(), in every SQL query, they would generally be immune to SQL injection. However, one will need to be a lot more cunning in order to make a site invulnerable to XSS (Cross-Site Scripting).

SGW has extremely 'weak' security. It was based of the KoCC made by wonderkid. And I doubt admin has changed much. I don't even think our passwords are hashed, nor emails, which is why I use a deprecated email address, and an unique password just for SGW.

Not to mention SGW has no defense against XSS what-so-ever. One can steal a cookie, and fake a referrer - BAM!

Teal'C wrote:OMG LOOKY SAV!!!! I'M TEAL'C WOOHOOO!!!!

RoKeT[ Dominium ex Malus - LoverBoy]
Lord of Timeless Ancient Gods of the TOLAH
.... If you say so.
Why should he block it on the forum, bit hard to exploite code on here for ingame resources to be sold for cash...

Apophis wrote:I Just E-Mailed A Friend Of Mine He Is Doing I.T And Programme Coding - He Said There Are Many Different Characters Used In A Hacking Sequence, To Hack Any Website It Will Take More Than One Apostrophe In The Command String Your Using To Do So....You Can't Hack Anything Using Only The One

Who says you need ANY... If you could know the code, statements like ~Bank() could be a deconstructor for the Bank object. Which would screw the game. No ' needed in that is there...

lol Soz Sarevok, True, That Is If They Are Used Atall In The String! .....Technical Stuff Makes My Head Hurt lmao

CABAL wrote:lol. If one codes properly and uses mysql_real_escape_string(), and htmlentities(), in every SQL query, they would generally be immune to SQL injection. However, one will need to be a lot more cunning in order to make a site invulnerable to XSS (Cross-Site Scripting).

SGW has extremely 'weak' security. It was based of the KoCC made by wonderkid. And I doubt admin has changed much. I don't even think our passwords are hashed, nor emails, which is why I use a deprecated email address, and an unique password just for SGW.

Not to mention SGW has no defense against XSS what-so-ever. One can steal a cookie, and fake a referrer - BAM!

I Do That too Cabal lol One Seperate Email And Password For GateWars, I Been Warned About Security On The Game By A Few People....I Never Like To Take Risks, My Paypal Is Under A Seperate Email Too...I Don't Hvae Any Trouble With Hacking It's Just Remembering The Different Passwords That Get's Me lmao

lol. For the quotes, using htmlentities() with ENT_QUOTES will allow the use of quotes safely.