So, I hacked my professor's website.

Toggle sidebar Toggle sidebar
N

notfred

Lifer
Feb 12, 2001
38,241
4
0
Database server username/password.

Don't worry, it's a read-only account on a database with no sensitive information. The thing is, he's telling us to use the same method that he's using for security to prevent people from being able to get our passwords for the DB server.
 
R

rezinn

Platinum Member
Mar 30, 2004
2,418
0
0
I Hacked My Professor?s Website

I?m taking a class on databases, and the final part of the class is on using PHP and MySQL to make a database-driven website. The professor gave the class some simple instructions on security for our own websites - namely, he described a method for protecting our passwords to the DB server so that other users on the university?s machine couldn?t read them. Unfortunately, his method isn?t very good. He admitted that fact himself as he explained his security procedure, but I was able to get his password in only about half an hour of trying, and I?m really not much of a hacker. Here?s a page showing his DB connection information, it?s on my site, but the data is coming out of my professor?s home directory, to which I?m not supposed to have access. Don?t worry, you can?t actually do anything destructive with the password in that file. However, he wants students to protect their passwords the same way. I hope no one is using the same password for their database accounts at school as they are for their email or their bank accounts. I?ll discuss this with my professor tomorrow. For what it?s worth, we talked about security concerns in class and I don?t think he?ll consider this to be malicious.

 
D

dighn

Lifer
Aug 12, 2001
22,820
4
81
Originally posted by: rezinn
I Hacked My Professor?s Website

I?m taking a class on databases, and the final part of the class is on using PHP and MySQL to make a database-driven website. The professor gave the class some simple instructions on security for our own websites - namely, he described a method for protecting our passwords to the DB server so that other users on the university?s machine couldn?t read them. Unfortunately, his method isn?t very good. He admitted that fact himself as he explained his security procedure, but I was able to get his password in only about half an hour of trying, and I?m really not much of a hacker. Here?s a page showing his DB connection information, it?s on my site, but the data is coming out of my professor?s home directory, to which I?m not supposed to have access. Don?t worry, you can?t actually do anything destructive with the password in that file. However, he wants students to protect their passwords the same way. I hope no one is using the same password for their database accounts at school as they are for their email or their bank accounts. I?ll discuss this with my professor tomorrow. For what it?s worth, we talked about security concerns in class and I don?t think he?ll consider this to be malicious.
Click to expand...

wth??? :confused:
 
T

tami

Lifer
Nov 14, 2004
11,588
3
81
Originally posted by: notfred
Database server username/password.

Don't worry, it's a read-only account on a database with no sensitive information. The thing is, he's telling us to use the same method that he's using for security to prevent people from being able to get our passwords for the DB server.
Click to expand...

you were more interesting as a green snake. :p
 
You must log in or register to reply here.

TRENDING THREADS

COMPANY
RESOURCES
FOLLOW
Top Bottom