|
Posted by Steve on 02/23/07 15:35
shimmy,
would you be interested in working on a prototyped site tester called, say,
phpRaper? i can get all the information related to a site such as all the
path mapping for any file used by a site, the database being used, the db
user/pass to access the db, all the tables of the db, php_info-ed config,
etc.. your creativity in ways get that script to run on presumably secure
servers would be valued (the embedded code is one way but all exploits
should be exercised...and i become less and less familiar with the subject
the further down the chain i go). i'd post my code here with the intent of
people running it on their own site(s) so they can actually secure their
systems.
just a thought.
[Back to original message]
|