Security - Code-Infection Blog

Image upload? Watch out!

published on July 17, 2011

Some days ago I saw a vulnerable website. ImageShare site of my friend. I don’t use websites like this. I just checked it and I found a bug. After my discovery, I looked into that matter. That was deeper than I thought.

(No SQL Inject) or (NoSQL Inject)

published on June 22, 2011

SQL Injection? What is it?

I can’t believe you don’t know what is it… But here is a simple example:

PHP (and vs. &&)

published on April 27, 2011

PHP has two methods which should work the same way. The and operator and the &&operator. But if you do not pay attention your program will be broken.

Re: JDN 2/11: The UK Approach to Unmanned Aircraft Systems

published on April 21, 2011

Lawyer: Admit that the above can be seen of code you wrote? Programmer: Yes. Lawyer: Admit that this code is buggy? Programmer: No. Lawyer: But it’s visible that certain input values pass control to the wrong place. So I ask again, admit mistakenness of the code? Programmer: No… because under normal use this code is flawless. Lawyer: What do you mean ‘normal use’? Programmer: Let’s just say that not killing people. Read More...