On 27 June 2012 01:56, Justin Richards wrote: > > > http://community.websense.com/blogs/securitylabs/archive/2010/06/03/crypt= o-analysis-in-shellcode-detection.aspx > > Great blog and enjoyed the explanation herein especially SQL injection. > Thanks! > The key in my example is small but is the same length as the message, > and as there is no clear text to find just passwords like "Wcbhj41d" > therefore I think I can assume it would be very hard to crack. > True, if you are never using this key again, then it is very hard to crack. > I wonder if there are any website where you can enter your url (or test url) and offer a reward for a successful hack with explanation. > I would happily offer mine running test data. > Search for "Penetration Testing" -- Some companies are doing this as a service. Also you can advertise the challenge on security forums "$10k for the first brakes into my system and tells me how". Be prepared with the cheque though :-) > -- > > int main() { char *a,*s,*q; printf(s=3D"int main() { char *a,*s,*q; > > printf(s=3D%s%s%s, q=3D%s%s%s%s,s,q,q,a=3D%s%s%s%s,q,q,q,a,a,q); }", > > q=3D"\"",s,q,q,a=3D"\\",q,q,q,a,a,q); } > > -- > > Has anyone asked about your signature block? I am curious. > I think someone from PicList asked it already a while back. If you have a command line C compiler, make that to a one line C source file, compile it and run it ;-) You can find info about "Quine" and you will see that my solution is far from the best (shortest), but works: http://www.nyx.net/~gthompso/quine.htm http://en.wikipedia.org/wiki/Quine_(computing) Tamas --=20 int main() { char *a,*s,*q; printf(s=3D"int main() { char *a,*s,*q; printf(s=3D%s%s%s, q=3D%s%s%s%s,s,q,q,a=3D%s%s%s%s,q,q,q,a,a,q); }", q=3D"\"",s,q,q,a=3D"\\",q,q,q,a,a,q); } --=20 http://www.piclist.com PIC/SX FAQ & list archive View/change your membership options at http://mailman.mit.edu/mailman/listinfo/piclist .