| Author |
Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
Just thought I would get all of the 'what a noob' comments out of the way. I have not hacked anything, except for the 2 basic challenges I had to finish before I could post. Thanks for making those pretty easy by the way.
OK, why I am here. Over the past several years I have been teaching myself web coding. I am a graphic designer, and I really enjoy coding. I can use HTML, CSS, and php. My latest site is valid in HTML 4.01, CSS level 2, and WAI-AAA WCAG 1.0.
I am increasingly concerned about the security of my sites, especially my private family site. I have learned that my site is vulnerable to XSS, through a little test I found by googling it, though I am not sure how to fix this or what this issue really means. I have a php/mysql login scblockedript, and I don't think I have ever been hacked.
I would also like to take a look into some other sites that are protected in the same way. Is it illegal to get past someone's login scblockedript and just look at the content that is behind it?
I am really excited about learning about web site security. I also think your challenges are fun, so I am going to keep trying to do those, I hope they don't get to hard to fast!
Thanks for all of your help in advance!!
Oh, I forgot I wanted to tell you all a little about myself. I am, hmm, I wonder what is relevant here....
Female
Thin/Average Height
Late 20's
from Kentucky, USA
married
anything else, just ask
|
|
| Author |
RE: Yes I am a Noob.... |
slpctrl
Member
Posts: 945
Location: 2147483647
Joined: 19.04.07
Rank: God |
|
|
BitchCoder wrote:
Female
Thin/Average Height
Late 20's
Hey I'm pretty close we should hook up 
|
|
| Author |
RE: Yes I am a Noob.... |
Mr_Cheese
HBH Owner
Posts: 2468
Location: Brighton, UK
Joined: 30.11.04
Rank: God |
|
|
BitchCoder wrote:
My latest site is valid in HTML 4.01, CSS level 2, and WAI-AAA WCAG 1.0.
we use XHTML nowadays 
but good to hear that you are here for the right reasons. I hope you learn a lot from this site. |
|
|
| Author |
RE: Yes I am a Noob.... |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's
Hey I'm pretty close we should hook up
She's married man. Wtf 
As for bitchcoder, what level of XSS are we talking here? Low-level, persistant?
 |
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's
Hey I'm pretty close we should hook up
miss the "married" part?  |
|
|
| Author |
RE: Yes I am a Noob.... |
a-hack
Member
Posts: 253
Location:
Joined: 29.05.06
Rank: HBH Guru |
|
Welcome to hbh!
Atlanta Web Design |
|
|
| Author |
RE: Yes I am a Noob.... |
clone4
Member
Posts: 586
Location: He is back and he's bad!
Joined: 25.11.07
Rank: God |
|
BitchCoder wrote:
slpctrl wrote:
BitchCoder wrote:
Female
Thin/Average Height
Late 20's
Hey I'm pretty close we should hook up
miss the "married" part?
We usually see only what we want to
Anyway welcome and enjoy the ride
[img][/img]
spyware - "They see me trollin'..."
<yaragn> ever seen that movie? The Matrix?
<yaragn> with those green lines of flying text?
<yaragn> *THAT'S* Perl
|
|
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
I meant XHTML, sorry.
I am not sure what level we are talking about, I really don't know where to start when it comes to this stuff. I taught myself to code by doing one thing I wanted the site to do at a time.
I ran a little 'test' at http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1159276,00.html. It didn't show up as step 4, but as step 5, aka, didn't show up on the page, but was in the source code.
If you would like to see my site PM me, I would rather it not be public, and this profile not be related back to my business. I doubt ppl around here would hire a web designer that was active on a hacking web site.
|
|
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
Forgot, the web site I am concerned about is not XHTML, CSS, or any other compliant. It was my first baby, and I haven't updated it yet. I am planning a restructuring as soon as I feel up to it. It's been the same site with just personal updates for years. When I start to change it I always get a little sad |
|
|
| Author |
RE: Yes I am a Noob.... |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
|
BitchCoder wrote:
I meant XHTML, sorry.
I am not sure what level we are talking about, I really don't know where to start when it comes to this stuff. I taught myself to code by doing one thing I wanted the site to do at a time.
I ran a little 'test' at http://searchsoftwarequality.techtarget.com/tip/0,289483,sid92_gci1159276,00.html. It didn't show up as step 4, but as step 5, aka, didn't show up on the page, but was in the source code.
If you would like to see my site PM me, I would rather it not be public, and this profile not be related back to my business. I doubt ppl around here would hire a web designer that was active on a hacking web site.
Where did you submit that query? Was it the login box that was in that document?
Yeah, you can hit me up on PM or AIM if you want it to be faster.
|
|
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
|
login box |
|
|
| Author |
RE: Yes I am a Noob.... |
COM
Banned
Posts: 800
Location:
Joined: 31.08.07
Rank: God |
|
Hi BitchCoder, I fucking hate noobs.
It's one thing to declare yourself new to something, or a beginner, or bewildered by a subject, but people proudly declaring themselves noob is idiotic since it's about as stupid as a retarded kid who's been hit over the head with a frying pan.
Anyhow, that's just a personal annoyance of mine, after all it was just a dumbass phrase used as an introduction and you know how first impressions never last.
Welcome to HBH
K'aem'nhi kh'rn, K'aem'nhi kh'r, K'aem'nhi kh'rmnu.
I'a Y'gs-Othoth! |
|
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
I read alot of the other forums here before posting. I just wanted to make it clear that I understood part of joining a forum like this is I was going to ask stupid questions (to the reader anyway) and say things you thought would be stupid. Then someone would make fun of me being a noob, so I just got it out of the way.
Peace. |
|
|
| Author |
RE: Yes I am a Noob.... |
COM
Banned
Posts: 800
Location:
Joined: 31.08.07
Rank: God |
|
My point is; you don't do any good by saying anything like that, we're all new at some point, what you do is call unnecessary attention to it. If a question is considered stupid, calling a lot of attention to it beforehand won't change anything about the question itself.
Just have some pride and if you want to tell everyone that you're new, just say that you are indeed new to the subject, that's all. There's no need to publicly insult yourself.
K'aem'nhi kh'rn, K'aem'nhi kh'r, K'aem'nhi kh'rmnu.
I'a Y'gs-Othoth! |
|
|
| Author |
RE: Yes I am a Noob.... |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
|
BitchCoder wrote:
login box
Low-level. Not exactly something incredibly urgent and dangerous.
Learn how to patch it (very simple) & learn how attackers would use it (so if another one is found, you won't get fucked over by it).
|
|
|
| Author |
RE: Yes I am a Noob.... |
BitchCoder
Member
Posts: 10
Location:
Joined: 26.08.08
Rank: Newbie |
|
|
What about other security threats, how do I look for them? |
|
|
| Author |
RE: Yes I am a Noob.... |
nights_shadow
Member
Posts: 856
Location: /var/log/messages
Joined: 30.12.04
Rank: God |
|
|
BitchCoder wrote:
What about other security threats, how do I look for them?
Learn about them. For beginner site admins who don't have the means to get a professional audit job done Acunitex and other vulnerability scanners are going to be your friends. Hundreds to thousands of different attacks with fast results. You can look at their output to see possibly how they would attack through it and also, possibly patch options.
You can learn about how the exploits work after you patch them, seeing as that seems to be your first worry.
|
|
|
| Author |
RE: Yes I am a Noob.... |
skathgh420
Member
Posts: 418
Location: 127.0.0.1
Joined: 03.03.08
Rank: God |
|
Welcome to HBH feel free to PM me if you have any questions and I will try my best to help you.
 |
 
|
Main:
