Posts from May, 2012

SQL Injection at Reddit

Sheeri

1

Reddit takes SQL injection very seriously. How seriously? Check their headers: scabral-07890:~ scabral$ curl –head www.reddit.com HTTP/1.1 200 OK Content-Type: text/html; charset=UTF-8 Set-Cookie: reddit_first=%7B%22organic_pos%22%3A%201%2C%20%22firsttime%22%3A%20%22first%22%7D; Domain=reddit.com; expires=Thu, 31 Dec 2037 23:59:59 GMT; Path=/ Server: ‘; DROP TABLE servertypes; — Date: Sat, … Continue reading