  • aliceif (disco)

    Remember kids, always test your pens before writing comments!

  • VinDuv (disco)
    Comment held for moderation.
  • faoileag (disco) in reply to VinDuv
    Comment held for moderation.
  • algorythmics (disco) in reply to faoileag

    fixing things by changing what they are called so you are Doing it Wrong™ rather than it being broken.

    Complaint Driven Development At Its Finest.

  • no laughing matter (cs)
    u += '&commentnumber=' + encodeURIComponent('frist');
    
  • Eldelshell (disco)

    Wow... just wow... I mean, why? Why would you do this? How could this reach any point further after being committed? So many crazy would have had to happen here.

  • royal_poet (disco)

    Oh, the power of lazy. These kinds of things happen in my workplace all the time.

    Someone just signs it off, because reading beforehand really would be too much hassle for QA.

  • boomzilla (disco) in reply to aliceif
    aliceif:
    Remember kids, always test your penis before writing comments!

    Test my what now?

  • Severity_One (disco) in reply to Eldelshell

    Well, how else would you maintain state and database connections between requests? HTTP is a connectionless protocol, after all. It's not like we have server-side persistent objects that keep the user's state.

  • aliceif (disco) in reply to boomzilla
    boomzilla:
    blablabla
    *cough* you should have used full:true if you really wanted to troll by misquoting *cough*
  • boomzilla (disco) in reply to aliceif
    aliceif:
    *cough* you should have used full:true if you really wanted to troll by misquoting *cough*

    I prefer to take that off. If only because I hate it on principle.

  • MrBester (disco) in reply to Eldelshell

    As it looks like they are using FrontPage or a very old version of DreamWeaver to edit the files, they obviously don't care about code quality.

    Alternatively, this code snippet was discovered at the beginning of the century, when such things as having a language attribute in a script tag were considered remotely necessary (hint: it never was) and there wasn't anything better to post.

  • antiquarian (disco)

    #OMFGWhoReallyDoesThis

    A new meme was born today.

  • FrostCat (disco) in reply to aliceif
    aliceif:
    full:true

    What's that, then?

  • aliceif (disco) in reply to FrostCat
    FrostCat:
    What in the world are you talking about?

    It disables the ^ icon.

  • delfinom (disco)

    Is it crazy that I am thinking of a way to brute force the original text that is blurred? Since the blur reduced each character segment to 4 pixels more or less. The font is also fixed-width so you can guess how many characters there are. So it becomes roughly easy....if a computer did the work. So get a program, load the same font, and iterate until it matches...appName would be broken in the first hour since it's 3 characters.

  • Nagesh (cs)

    There is one pizza company in US of A that is having this sending password in ajax (plain text) too to verify login of user.

    That code was developed in Phillipines.

  • cellocgw (disco) in reply to delfinom

    So, what are you waiting for? "Enhance" and post the results already!

  • aliceif (disco) in reply to cellocgw

    Can't he just create a GUI in Visual Basic to find the page the source code's from?

  • chubertdev (disco)

    Someone coming from a technology like VB4 Windows apps to create a web app at a really small shop, I'm guessing. Wouldn't be too surprising.

  • Bort (disco) in reply to aliceif
    aliceif:
    Remember kids, always test your penis before writing comments!

    what?

    aliceif:
    Remember kids, always test your pens before writing comments!

    oh... right. ok. of course. yeah.

  • Pentester (unregistered) in reply to Nagesh
    Nagesh:
    There is one pizza company in US of A that is having this sending password in ajax (plain text) too to verify login of user.

    That code was developed in Phillipines.

    Ah, so Nagesh really is an Indian in America pretending to be an American pretending to be an Indian in India....

  • Nagesh (cs) in reply to Pentester
    Pentester:
    Nagesh:
    There is one pizza company in US of A that is having this sending password in ajax (plain text) too to verify login of user.

    That code was developed in Phillipines.

    Ah, so Nagesh really is an Indian in America pretending to be an American pretending to be an Indian in India....

    According to some theory, I am also Jeff Atwood' alter ego.

  • the beholder (unregistered) in reply to Nagesh
    Nagesh:
    Pentester:
    Nagesh:
    There is one pizza company in US of A that is having this sending password in ajax (plain text) too to verify login of user.

    That code was developed in Phillipines.

    Ah, so Nagesh really is an Indian in America pretending to be an American pretending to be an Indian in India....

    According to some theory, I am also Jeff Atwood' alter ego.

    Impossible. Nowhere near as much arrogance for that. I think the entire TDWTF's readership combined wouldn't muster up as much of an ego.

Leave a comment on “A Pentester's Paradise”
