Secure Coding mailing list archives
Seeking vulnerable server-side scripts
From: jeremy.j.epstein at gmail.com (Jeremy Epstein)
Date: Wed, 6 May 2009 09:46:11 -0400
Greetings, I'm experimenting (on paper initially) with a technique for improving resiliency of web applications, and to do so am looking for examples of server side scripts (PHP, Perl, whatever) that have security vulnerabilities, to see if the technique would work. If you have scripts you'd be willing to share, please contact me off-list. The scripts don't have to be open source; I'm happy to take scripts that are not for redistribution (but I can't sign formal NDAs). The ideal scenario would include enough of the infrastructure (scripts, descriptions of the environment) and a description of the vulnerability... but again, I'll take what I can get for now. The important thing is that the scripts be server-side and written in an interpreted scripting language; I'm not looking for server-side C or Java programs. If there are repositories of such things, please excuse the newbie question and point me in the right direction! Thanks, --Jeremy 703-989-8907 (mobile) jeremy.j.epstein at gmail.com P.S. Yes, you may forward this message to other people, but I'd appreciate not sending it to other lists without checking with me first.
Current thread:
- Seeking vulnerable server-side scripts Jeremy Epstein (May 06)
- Seeking vulnerable server-side scripts Steven M. Christey (May 06)
- Seeking vulnerable server-side scripts security curmudgeon (May 06)
- Seeking vulnerable server-side scripts security curmudgeon (May 06)
- Seeking vulnerable server-side scripts Jim Manico (May 06)
- Seeking vulnerable server-side scripts jrose (May 06)
- Seeking vulnerable server-side scripts security curmudgeon (May 06)