[nycphp-talk] php in securityfocus 218
Chris Shiflett
shiflett at php.net
Tue Oct 14 12:09:02 EDT 2003
--- jon baer <jonbaer at jonbaer.net> wrote:
> i once read a paper that covered crazy recon hacking techniques and
> the one that involved SQL injection was pretty interesting, I think
> if I remember it was more pertaining to Perl but could be applied in
> anything. Basically it was case scenerio where the hacker was
> actually looking for the exact box the admin material was being
> hosted on (the SQL Server/MySQL) and he discovered that if he placed
> <img> tags inside of an entry that he could trace back the IP request
> when the admin viewed results.
This sounds similar to CSRF, a topic I have found particularly interesting.
Imagine that the URL in an image tag causes the person requesting it to perform
some action:
<img src="http://stocks.example.org/?task=trade&from=MSFT&to=RHAT&qty=1000" />
There is an article in php|a this month (which should come out today) that has
more information about this. You can also read the original "paper" at:
http://www.tux.org/~peterw/csrf.txt
Chris
=====
My Blog
http://shiflett.org/
HTTP Developer's Handbook
http://httphandbook.org/
RAMP Training Courses
http://www.nyphp.org/ramp
More information about the talk
mailing list