drewdious ([info]drewdious) wrote,
@ 2005-02-27 23:31:00
Current mood: busy

I fished and shit...
[R A N T]
nothing to say for today

[T O D A Y]
Well, nothing much happened today; yesterday was the big day. Yesterday I went to kelly's home cooking. It was so good, it's about 1 hour 30 mins from here. Then I went fishing, caught 3 fish, 2 hybrids and 1 crappie. The hybrid was about 5 lbs., nice and big, tasted good too. Just ate it today. :) Anyway, after that we went and ate at another restaurant. Had lots of seafood. Yummy. Then I went to this Persian concert with Siavash, what a DRUNK. Man, that guy was drunk as fuck. Anyway, in our group there was this girl who looked real familiar; turns out I met her while dancing at tervena and we had a really good time, then she left.. but this time we both exchanged phone numbers. She was pretty hot and a good dancer. Anyway, need to talk to amr about getting her a seat with me at his restaurant. Anyway, the night was pretty good, had two shots, a weak buzz, everything else was rather fine.

[T E C H N O L O G Y]
SQL injections -
These are a pretty neat tactic to break into a website, although a lot of websites now have adequate protection against these kinds of attacks. You see, a lot of websites where one uses a username and password require a database to store information. It's kinda like a GIANT Excel spreadsheet. Now when you enter a password, per se, it checks it, and because it's a string, puts it in single quotes.

example

If('mypassword' == 'mypassword')
AllowEntry()
Else
$GetTheFuckOut
End

You see how the pass matches, so it allows entry to the site. (Be aware my code isn't exactly right.)
Now say you don't know the password

If ('$password' == 'mypassword')

You inject code into the password box to gain entry, so for $password you would type

a' == 'a' or 'a

It then places this in place of $password

If ('a' == 'a' or 'a' == 'mypassword')

So you see, this allows access because a is equal to a. Basically I'm saying: if a is a, or a is your password, then allow me access. Since a is always going to be equal to a, it couldn't care less about the rest and grants me access to the site.

And that's how SQL injections work. Other code can be inserted; for example, let's say you know the database owner is a lazy fucker. He didn't rename his database; the generic userdatabase is just that, it's called userdatabase.

So by using

Bill') DROP TABLE userdatabase;

It will then insert this into its code

If ('Bill') DROP TABLE userdatabase;' == 'mypassword')

You see, DROP TABLE deletes the database listed, which in this case would be userdatabase. The line ends and it's too late: the computer has already acted upon it, regardless of the code at the end or below this...

Now be aware very few sites are vulnerable to this kind of attack. Only those coders who are fresh to the market are this easily vulnerable.
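
Added example, not code from the original post: the login check described above, written once with the input pasted between the quotes and once with placeholders, so you can see why the second form is the protection sites use. The sqlite3 in-memory database, the function names and the sample account are assumptions made for the demo; the first input is the post's "a is always equal to a" idea in SQL syntax.

```python
import sqlite3

def make_db():
    """In-memory database holding one constructed account (sample data)."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE userdatabase (name TEXT, password TEXT)")
    # Plaintext only to mirror the post's comparison; real systems store a salted hash.
    db.execute("INSERT INTO userdatabase VALUES ('bill', 'mypassword')")
    return db

def login_vulnerable(db, name, password):
    # The input is pasted between the single quotes, so a quote inside it
    # ends the string early and whatever follows is parsed as SQL.
    sql = ("SELECT COUNT(*) FROM userdatabase "
           "WHERE name = '" + name + "' AND password = '" + password + "'")
    return db.execute(sql).fetchone()[0] > 0

def login_safe(db, name, password):
    # Placeholders send the values separately from the SQL text, so quotes
    # in the input are compared as ordinary characters.
    sql = "SELECT COUNT(*) FROM userdatabase WHERE name = ? AND password = ?"
    return db.execute(sql, (name, password)).fetchone()[0] > 0

def table_exists(db):
    row = db.execute("SELECT COUNT(*) FROM sqlite_master "
                     "WHERE type = 'table' AND name = 'userdatabase'").fetchone()
    return row[0] == 1

# Constructed inputs: the tautology from the post in SQL syntax, and the
# post's second input, which is only ever handed to the safe function here.
TAUTOLOGY = "a' OR 'a' = 'a"
DROP_INPUT = "Bill') DROP TABLE userdatabase;"

if __name__ == "__main__":
    db = make_db()
    print("vulnerable, right password:", login_vulnerable(db, "bill", "mypassword"))
    print("vulnerable, tautology:     ", login_vulnerable(db, "bill", TAUTOLOGY))
    print("safe, tautology:           ", login_safe(db, "bill", TAUTOLOGY))
    print("safe, second input:        ", login_safe(db, "bill", DROP_INPUT))
    print("table still exists:        ", table_exists(db))
```

With placeholders both inputs are just wrong passwords, and the table is untouched afterwards.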



