Hacker News new | past | comments | ask | show | jobs | submit login

>modulo changing it to ');drop table students;-- )

As an aside, about a year ago I made a simple web crawler that got (among other things) HTTP headers from all the servers it found. After an hour of crawling, I took the headers to start working on a parser for them, and found 7 attempts at an sql injection. Do I get to prosecute whoever set up those servers?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: