Agreed, a popped account is a bad thing, especially if it's published as such. A larger risk would be somebody popping one of the compromised-credential repositories. Then you've got both username and password. But here…
I've asked many devs why they chose Mongo over a RDBMS. They can never give me a technical answer. It's always 'it's cool' or because they just read something about it on some non-technical blog. It usually only takes…
Makes me wonder what they require to classify the bug as a security bug. Perhaps it gets classified otherwise since there's no data leakage other than an address? The existence of an address isn't exactly confidential.
No updates since 2005, designed for 6.2... Holy cow you had to go dumpster diving to find that script. I love the guy's changelog, though! :wq
And even if it was, there were ways to get anonymous execution through the task manager, or the infamous help-dialog login bypass.
That'd make sense. Written in python, for python (at least initially) since the author likes python :-) Looks like a neat start to a new project. The built-in IRC client made me chuckle, though.
It's never too hard to figure something out if you're given the whole shebang instead of a loose breadcrumb trail.
Agreed, a popped account is a bad thing, especially if it's published as such. A larger risk would be somebody popping one of the compromised-credential repositories. Then you've got both username and password. But here…
I've asked many devs why they chose Mongo over a RDBMS. They can never give me a technical answer. It's always 'it's cool' or because they just read something about it on some non-technical blog. It usually only takes…
Makes me wonder what they require to classify the bug as a security bug. Perhaps it gets classified otherwise since there's no data leakage other than an address? The existence of an address isn't exactly confidential.
No updates since 2005, designed for 6.2... Holy cow you had to go dumpster diving to find that script. I love the guy's changelog, though! :wq
And even if it was, there were ways to get anonymous execution through the task manager, or the infamous help-dialog login bypass.
That'd make sense. Written in python, for python (at least initially) since the author likes python :-) Looks like a neat start to a new project. The built-in IRC client made me chuckle, though.
It's never too hard to figure something out if you're given the whole shebang instead of a loose breadcrumb trail.