lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list] 
Message-ID: <BAY8-F116beUzmRf6Ci000654d6@hotmail.com>
From: t5con at hotmail.com (joseph blater)
Subject: Sql Injection big5 consultancy

Nope, like someone said "they will have a hard time understanding what sql 
injection means".

Thanks for all the valuable input, I decided I will just STFU and keep it to 
myself. Let them discover it when some bad guy drops their databases and own 
their box. Better than facing a prossecution because of security 
professionals and developers trying to blame their incompetency on me (I can 
even imagine the "extorsion cracker"). Altough my country doesnt have any 
police forensics or especific laws, things could get nasty.

The downside is: a had to delete my personal info from their hr system, no 
way of getting hired now. Maybe Ill just try to move to the US.

Thanks again for all your replies.

kind regards,
fake name

>From: Blue Boar <BlueBoar@...evco.com>
>To: joseph blater <t5con@...mail.com>
>CC: full-disclosure@...ts.netsys.com
>Subject: Re: [Full-Disclosure] Sql Injection big5 consultancy
>Date: Mon, 23 Jun 2003 09:21:14 -0700
>
>joseph blater wrote:
>>What should I do? Tell them their whole HR system is vulnerable and face 
>>the risks of being charged for something?
>>Although owning certs from most vendors, I never got to work for a top5. 
>>Shall I take the risk and use this vuln to help me getting a job?
>
>Well, considering that they're called that because there are only 5 or so 
>of them... and that they all have pen test people who read this list... I 
>would guess that this problem will take care of itself.
>
>						BB
>

_________________________________________________________________
The new MSN 8: smart spam protection and 2 months FREE*  
http://join.msn.com/?page=features/junkmail

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ