Pages: [1]
  Author: Topic: Cookies and Peter Pan advices
offline On
Last Visit: 04/18/13

Joined: 06/19/03
Forum Posts: 5018
 Cookies and Peter Pan advices
 Posted on: 07/05/07 at 18:35:40


I read in some remote sites that some users decided to change the expiration date of the cookies as means of protection. A procedure "blessed" and recommended by the owners of those sites.

My advice to you all is:
1.) Not to use the script on these remote sites, an illegal, stolen property from this site. Changed into a buggy spyware.
2.) Not to implement this "protection". Why? because it does not protect anything. A user can change the expiration date regardless of what your script print into your users cookies.

This is just a small example of programing incompetence of those who stolen our script and call themselves for "developers". There are atleast 5 other issues in the piratical version that can both result in your site being defaced and your server even being derooted. Some of those issues are discussed openly in security sites out there.

Again, my advice to you, as the person whom was the security chief for webapp for the last 4 years now, always download your latest WebAPP script version and updates ONLY here at external link



GC/CS/E/H/IT/L/M/MU/PA/P/S/SS/TW/O d(+++)>+ s: a+>++>+++$ C++++$ UBAHS*++++$ P+++++(--)$ L !E? W+>++ N+++@ K+++>++++++@ w$ !O M->+ V--() PS+(-) PE(++) Y+ PGP->+ t+() 5 X? R>* tv@ b++>+++ DI+++ D? G(-) e++>+++@ h----() r+++ y++++ (Words of wisdom from Larry Wall, 1993)

  Cookies and Peter Pan advices
Pages: [1]
Hop to: