SQL Injection Toy
No, this title is not about to the United Nations web site.More here.
Their hole is still gaped by the way, no matter what the U.N. staffers said so far.
As you may recall, I did offer a little free help to fix their bugs (13 AUG), but I’ve not been contacted back, notwithstanding some public flattery.
At any rate, since the 5 days “grace time” granted them under the RFPolicy is more than expired (10 days now), you may want to stay tuned for a report about their vulnerabilities — and, more interesting, about the worrying ways they pretend (or, worse, believe?) to have fixed them — as soon as I find a few minutes for this.
In the meanwhile, the real reason behind this post: I’m releasing a free web-based tool to help those experimenting and studying SQL injections, called SQL Injection Toy (or just SQL IT).
posted by Fergie @ 8/23/2007 12:49:00 PM
0 Comments:
Post a Comment
<< Home