Full Disclosure mailing list archives
Re: Sql Injection big5 consultancy
From: "joseph blater" <t5con () hotmail com>
Date: Tue, 24 Jun 2003 19:03:48 +0000
Nope, like someone said "they will have a hard time understanding what sql injection means".
Thanks for all the valuable input, I decided I will just STFU and keep it to myself. Let them discover it when some bad guy drops their databases and own their box. Better than facing a prossecution because of security professionals and developers trying to blame their incompetency on me (I can even imagine the "extorsion cracker"). Altough my country doesnt have any police forensics or especific laws, things could get nasty.
The downside is: a had to delete my personal info from their hr system, no way of getting hired now. Maybe Ill just try to move to the US.
Thanks again for all your replies. kind regards, fake name
From: Blue Boar <BlueBoar () thievco com> To: joseph blater <t5con () hotmail com> CC: full-disclosure () lists netsys com Subject: Re: [Full-disclosure] Sql Injection big5 consultancy Date: Mon, 23 Jun 2003 09:21:14 -0700 joseph blater wrote:What should I do? Tell them their whole HR system is vulnerable and face the risks of being charged for something? Although owning certs from most vendors, I never got to work for a top5. Shall I take the risk and use this vuln to help me getting a job?Well, considering that they're called that because there are only 5 or so of them... and that they all have pen test people who read this list... I would guess that this problem will take care of itself.BB
_________________________________________________________________The new MSN 8: smart spam protection and 2 months FREE* http://join.msn.com/?page=features/junkmail
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Current thread:
- Sql Injection big5 consultancy joseph blater (Jun 23)
- Re: Sql Injection big5 consultancy Blue Boar (Jun 23)
- Re: Sql Injection big5 consultancy Justin (Jun 23)
- <Possible follow-ups>
- RE: Sql Injection big5 consultancy Schmehl, Paul L (Jun 23)
- Re: Sql Injection big5 consultancy joseph blater (Jun 24)
- Re: Sql Injection big5 consultancy Shawn McMahon (Jun 24)
- Re: Sql Injection big5 consultancy M. Osten (Jun 24)
- Re: Sql Injection big5 consultancy Blue Boar (Jun 23)