To whoever hacked into my Database

Νίκος Αλεξόπουλος nikos.gr33k at gmail.com
Sat Nov 9 09:50:58 CET 2013


Στις 9/11/2013 10:39 πμ, ο/η Chris Angelico έγραψε:
> On Sat, Nov 9, 2013 at 7:31 PM, Νίκος Αλεξόπουλος <nikos.gr33k at gmail.com> wrote:
>> if page and os.path.isfile( cgi_path + page ) in os.listdir( cgi_path ):
>>
>> Try pass bogus values again into my database!
>
> Well done! *slow clap* In the interests of security, you have just
> locked everything out, including legitimate usage!
>
> ChrisA
>


Ah yes you are right!

Correction!

if page and page in os.listdir( cgi_path ):

That should keep the site working and still leave the attacker away from 
my daatabase!



More information about the Python-list mailing list