Comments for Security Related http://guymizrahi.com Guy Mizrahi about Security and Technology. Sat, 08 Nov 2008 11:44:57 +0000 http://wordpress.org/?v=2.6.2 Comment on how to regenerate phpbb_topics by תיקון או בניה מחדש של phpbb_topics | ZuLL, יומנו של האקר. http://guymizrahi.com/2008/08/20/how-to-regenerate-phpbb_topics/#comment-27 תיקון או בניה מחדש של phpbb_topics | ZuLL, יומנו של האקר. Thu, 21 Aug 2008 18:03:28 +0000 http://guymizrahi.com/2008/08/20/how-to-regenerate-phpbb_topics/#comment-27 [...] http://guymizrahi.com/2008/08/20/how-to-regenerate-phpbb_topics/ [...] [...] http://guymizrahi.com/2008/08/20/how-to-regenerate-phpbb_topics/ [...]

]]> Comment on Isn’t it cool to see e-mule working like this ? by amit http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-15 amit Thu, 07 Aug 2008 03:22:39 +0000 http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-15 The Best of The Blues - Great Album ;) it's the little details that will hurt us.. The Best of The Blues - Great Album ;)

it’s the little details that will hurt us..

]]> Comment on Isn’t it cool to see e-mule working like this ? by Qhckz http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-14 Qhckz Mon, 21 Jul 2008 10:19:25 +0000 http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-14 You try out to censor your download but you forgot the Lower Part Garry Moore - The Best Of The Blues.rar Next TIme put attention to the small details :P You try out to censor your download but you forgot the Lower Part

Garry Moore - The Best Of The Blues.rar

Next TIme put attention to the small details :P

]]> Comment on How to Steal DreamHost accounts? by ___the http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-13 ___the Wed, 09 Jul 2008 22:20:47 +0000 http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-13 i think that csrf is very easy to secure one way is to create a security_token and this is the best secure form csrf... i think that csrf is very easy to secure one way is to create a security_token
and this is the best secure form csrf…

]]> Comment on How to Steal DreamHost accounts? by Guy Mizrahi http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-12 Guy Mizrahi Tue, 08 Jul 2008 10:24:32 +0000 http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-12 I think you are all missing the point here. It is obvious you can secure this operation (change details) in many different ways. The point is that DreamHost didn't think that there is a need to secure it. That is whats bothering me. I think you are all missing the point here.
It is obvious you can secure this operation (change details) in many different ways.
The point is that DreamHost didn’t think that there is a need to secure it.
That is whats bothering me.

]]> Comment on How to Steal DreamHost accounts? by mark http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-11 mark Sun, 06 Jul 2008 12:13:09 +0000 http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-11 you can also add some small text box with random password that the user need to fill. you can also add some small text box with random password that the user need to fill.

]]> Comment on How to Steal DreamHost accounts? by cp77fk4r http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-10 cp77fk4r Fri, 04 Jul 2008 11:26:43 +0000 http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-10 L[s]D - it's not so difficult to secure that. you just need to make sure that all the user that want to make a new changes his account must type his password in the form... L[s]D - it’s not so difficult to secure that. you just need to make sure that all the user that want to make a new changes his account must type his password in the form…

]]> Comment on Isn’t it cool to see e-mule working like this ? by Guy Mizrahi http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-9 Guy Mizrahi Wed, 02 Jul 2008 19:52:10 +0000 http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-9 nope, just my home network in that day :-) nope, just my home network in that day :-)

]]> Comment on Isn’t it cool to see e-mule working like this ? by yigber http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-8 yigber Wed, 02 Jul 2008 10:41:17 +0000 http://guymizrahi.com/2008/05/02/isnt-it-cool-to-see-e-mule-working-like-this/#comment-8 Is this your home connection ? Are you using all your neighbors' bandwidth as well ? :) Is this your home connection ? Are you using all your neighbors’ bandwidth as well ?
:)

]]> Comment on How to Steal DreamHost accounts? by L[s]D http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-7 L[s]D Tue, 17 Jun 2008 08:20:48 +0000 http://guymizrahi.com/2008/06/14/how-to-steal-dreamhost-accounts/#comment-7 well, this method isn't new.. it is called XSRF (cross site request forgery). I really like this sec hole cuz almost every site has it, it is very difficult to secure. well, this method isn’t new..
it is called XSRF (cross site request forgery).
I really like this sec hole cuz almost every site has it, it is very difficult to secure.

]]>