I have somehow found myself doing a lighthearted talk on retro hacking this Wednesday. Would anyone here happen to know anything about it?
I have somehow found myself doing a lighthearted talk on retro hacking this Wednesday. Would anyone here happen to know anything about it?
A few things I remember.
Nobody sanitised their inputs.
You could get through logins by making a database query check whether 1 = 1 instead of a password. You could put JavaScript into guest book fields to redirect people to whatever crazy site you wanted.
My university lecturer told me about a well known supermarket that built a shop front. They made it in such a way that you could change the numbers before they were submitted and it wasn’t validated on the back end. So free food.