Admin
There's an easy way around that...
SELECT Level, Radar, Madam, Kayak FROM Stats;
Also, all customers must now be named Bob, Anna, Hannah, Otto, Elle, Lil or Pip.
Admin
μηδὲν ἄγαν.
Actually, I believe that
γνῶθι σεαυτόν
also applies.
There's nothing particularly wrong with ludicrously obscure column names in databases. There's nothing particularly worthwhile, either. You're all TOAD GUI wimps, aren'tcha?
Classic case for CS indirection: name the columns whatever you feel like in your application, and use a hashmap (or equivalent) to translate them into the original gibberish.
Not a WTF, in my opinion. Merely a totally fucked-up organisation, implementing things in their own little way, and clearly unaware of the slightest risk to security.
And who amongst us, brethren, have not been in that position?
Admin
What are you trying to say man?!
Oh wait, that was to Italian and back to English, not Pig-Latin and back to English.
Admin
sudo yum install sharutils
Captcha: pirates. Against the MAFIAA!
Admin
!seibooB
Admin
I want this text on a T-shirt.
Admin
This message has been quadruple-rot-13 encoded and passed through both gzip and gunzip for extreme security!
Admin
0000000 6142 6573 3436 202c 4f52 3154 2c33 7220
0000020 7665 2e2e 642e 656f 6e73 7427 6120 796e
0000040 6e6f 2065 756a 7473 7520 6573 7020 616c
0000060 6e69 6f20 646c 6820 7865 6120 796e 6d20
0000100 726f 3f65 000a
Admin
"I'd have made sure that all the pointless expensive crap was phase 1, the sensible simple fixes were phase 2, and that the client's senior management knew exactly who had recommended each."
That's a great idea! If you want to lose clients, that is.
Your way, the client ends up paying too much and getting the (quite true) impression that you can't be bothered to do what is best for the customer. Nate's way, the customer got what they needed, then discovered on their own that Nate really was doing what was best for them. They will remember that he is an honest contractor who cares about establishing a relationship and will likely recommend him to others in the future.
Admin
It reminds me of this cartoon.
Admin
"WHERE Password='' OR '' = ''."
Wouldn't the dot at the end of that quote cause a syntax error? When I first read it I thought it was trying to compare "" and "." but pasting it into this box shows single quotes.
Admin
The ASP.Net system I've inherited has all those flaws and some more to add.
My favourite is search pages storing the sql string used to perform the search in a cookie. This is to save valuable server resources, because putting things in the session is not in line with their "Best Practices".
I have had several enjoyable conversations regarding my refusal to promote new builds to production without explicit instructions that indicate they have read and acknowledge my concerns.
Also the bloody thing hits the production database server using the sa logon, so it not only can fuck itself up, but all the other 20 odd apps - including financials :/
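An added example, not part of the comment above and not code from the system it describes: one way to keep a search "in the cookie" without handing the client an SQL string. The cookie carries only the search criteria plus an HMAC tag, and the server rebuilds a parameterized query from an allow-list of columns. Python with sqlite3 stands in for the ASP.NET application; the table, column names, key and function names are all constructed for the illustration.

```python
import hashlib, hmac, json, sqlite3

SECRET = b"constructed-demo-key"   # placeholder; a real key comes from a secret store
SEARCHABLE = {"name", "city"}      # assumed allow-list of filterable columns

def _tag(body: str) -> str:
    return hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()

def make_cookie(criteria: dict) -> str:
    """Serialize search criteria (never SQL text) and append an integrity tag."""
    body = json.dumps(criteria, sort_keys=True)
    return f"{body}|{_tag(body)}"

def run_search(db, cookie: str):
    """Verify the cookie, then build the query server-side with bound values."""
    body, _, tag = cookie.rpartition("|")
    if not hmac.compare_digest(tag.encode(), _tag(body).encode()):
        raise ValueError("search cookie failed integrity check")
    criteria = json.loads(body)
    if not criteria or not set(criteria) <= SEARCHABLE:
        raise ValueError("unknown search field")
    cols = sorted(criteria)
    # Only allow-listed column names reach the SQL text; values are parameters.
    where = " AND ".join(f"{c} = ?" for c in cols)
    sql = f"SELECT id, name, city FROM customers WHERE {where} ORDER BY id"
    return db.execute(sql, [criteria[c] for c in cols]).fetchall()

def demo_db():
    """Constructed sample data for the demonstration."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE customers (id INTEGER, name TEXT, city TEXT)")
    db.executemany("INSERT INTO customers VALUES (?, ?, ?)",
                   [(1, "Bob", "Leeds"), (2, "Anna", "York"), (3, "Otto", "York")])
    return db

if __name__ == "__main__":
    db = demo_db()
    print(run_search(db, make_cookie({"city": "York"})))
```
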
Admin
The real WTF is that they used ASP.
Admin
0110 0011 0110 0001 0111 0000 0111 0100 0110 0011 0110 1000 0110 0001 0011 1010 0010 0000 0110 0010 0111 0101 0110 1110 0110 0111 0110 0001 0110 1100 0110 1111 0111 0111
Admin
You always put a dot at the end of the sentence. Always.
Admin
You should double ROT13 that Base64 to be on the safe side!
Admin
javascript:R=0; x1=.1; y1=.05; x2=.25; y2=.24; x3=1.6; y3=.24; x4=300; y4=200; x5=300; y5=200; DI=document.getElementsByTagName("img"); DIL=DI.length; function A(){for(i=0; i-DIL; i++){DIS=DI[ i ].style; DIS.position='absolute'; DIS.left=(Math.sin(R*x1+i*x2+x3)*x4+x5)+"px"; DIS.top=(Math.cos(R*y1+i*y2+y3)*y4+y5)+"px"}R++}setInterval('A()',50); void (0);
(Hint: C&P it into your address bar and hit enter)
Admin
Newer zip versions support 256AES encryption. Good luck, and see you in a few millennia.
Admin
I was more referring to the "illogical American quoting style": Ref http://en.wikipedia.org/wiki/American_and_British_English_differences#Punctuation
Admin
While enrolled at the Université du Québec en Outaouais, the database teacher said that “a good way to truncate table/column names was to remove the vowels”.
I replied “they gonna have fun with ‘Outaouais’”… After thinking about it for a good 10 seconds, he burst out laughing…
Admin
A friend from Uni has written a Java program which, when run on a Java source file, replaces all javadoc comments (not the @tags) and string literals with rotated versions (It only works if the input text is purely Latin characters, otherwise it skips the letter). Seeing a dialogue box with all the text upside down is pretty funny.
Admin
"Because an empty string ('') is always equal to itself,"
This is false in Oracle at least. Empty string is NULL and comparisons with NULL are always false.
Captcha:sanitarium. How fitting.
Admin
Users with no shell do not deserve to read this.
Admin
"Nate, however, was able to break the tasks into two separate phases with the hope that the second one would never come. The first phase involved patching up the actual vulnerabilities (a task he had to fight for) and implementing the least-absurd security requirements from the customer. The second phase involved implementing the most ridiculous mandates, such as the rotating encryption keys."
This is actually quite a brilliant piece of client-management.
Admin
data:image/gif;base64,R0lGODlhEwATAKEAAP%2F%2F%2FwAAAP%2F%2F%2F%2F%2F%2F%2FyH5BAEAAAIALAAAAAATABMAAAI2hA%2BhyJ3vYoCxzVktzecublwJVimiWD4oiZjqiLbvuYUzXOcMa5e83nF8LL9Qsdj5IZMmF6IAADs%3D
Admin
I didn't know you could do that...
Of course, the question is 'WHY can you do that?'...
Admin
(But I've read that it's useful for page icons.)
Admin
Ah yes, the 'ole middle finger .gif in a browser address bar trick. Good times.
Admin
If you do it TOO MANY TIMES, you go blind!!
Admin
There was, and it was deleted. What do you think the kciD post is in reply to?
Admin
Yes, that's because they do not know the difference between symmetric and asymmetric algorithms. They think that if AES with 128 bits is good, then RSA with 512 bits will be excellent.
Admin
This is one of the truest things ever posted here. I've been involved in these same kinds of projects, and this is exactly how they work.
Admin
͵ǝʞı̣⅂-po⅁͵ ǝq pƮnoʍ ⇁⃓9ǝsɐq + ǝpoɔı̣uᑎ
Admin
Too easy. And watch your endianness.
Admin
62 65 67 69 6e 20 36 30 30 20 2d 0a 4d 35 33 2d 31 3c 54 45 27 3b 27 35 41 36 24 55 4e 39 35 2d 22 3d 56 2c 53 34 46 45 29 31 55 49 4e 39 24 41 50 2d 34 45 28 3b 27 31 42 3b 46 3d 47 39 25 3d 3a 3b 56 2d 27 36 47 2d 41 0a 4d 3a 33 31 55 33 26 45 22 33 54 45 27 32 43 2d 44 32 26 51 51 32 34 41 2a 3a 50 49 29 32 25 29 49 38 57 45 21 2c 54 51 38 31 47 35 43 2c 46 5d 47 35 45 3d 32 2d 36 29 38 34 47 49 29 0a 4d 32 26 41 4f 39 23 28 55 2c 36 35 33 30 43 35 44 30 37 60 53 39 24 41 4b 2c 34 45 27 34 43 21 45 3b 46 2d 47 38 56 59 48 3c 54 45 23 39 56 45 2e 35 24 35 59 22 44 45 27 3e 27 49 3a 0a 4d 30 54 45 47 33 25 30 54 39 54 45 4a 35 37 41 2d 3a 34 29 4e 38 46 59 4b 3a 34 45 27 3e 26 55 39 35 56 5d 47 38 56 55 4f 39 56 35 37 2c 37 25 29 31 53 25 55 38 53 2d 4b 3c 24 51 47 0a 23 3b 53 54 2a 0a 60 0a 65 6e 64 0a
Admin
¿ǝɔıʍʇ ʇɐɥʇ ǝdʎʇ ı pıp ɟʇʍ puɐ
Admin
rot5+base64+uuencode+hexdump muhahaha. (^this was my captcha too)
Admin
Ongratulationscay! Ithway ethay uiltbay-inway igpay atinlay ecuritysay, erethay illway ebay onay ayway anway evilway ackerhay ouldcay everway eakbray intoway ethay ystemsay. Opefullyhay ebayway illway otnay uesay emay orfay usingway ethay ordway "ebay" inway onjunctioncay ithway igpay atinlay.
Admin
| base64 -d | uudecode | perl -e 'tr/a-zA-Z/n-za-mN-ZA-M/ and print while <>'
Anyway,
0000000 1.659050e+28 8.516378e+23 7.618483e-10 1.155156e+07
0000020 5.593032e+04 1.474222e-05 1.452962e+01 3.308191e-09
0000040 4.476148e+27 4.895618e-05 1.513433e+04 3.576019e+06
0000060 2.364153e+02 2.117205e-07 1.452571e+01 5.458429e+01
0000100 1.015396e+12 5.420045e-05 9.447550e+02 3.953299e+21
0000120 7.724055e-10 6.045525e+28 2.393542e+29 6.372241e+10
0000140 3.692421e-42
Admin
)-: oot eM
tniap : ahctpac
Admin
"[ xor vv..." what? You truncated the last significant digits of your floats, making the 2 least significant bits of the IEEE754 representation unknown. I could guess some of them, but please complete the question marks:
0000000 1.6590496e+28 8.5163780e+23 7.6184827e-10 1.1551561e+07
0000020 5.5930321e+04 1.4742219e-05 1.4529620e+01 3.3081910e-09
0000040 4.476148?e+27 4.895618?e-05 1.513433?e+04 3.576019?e+06
0000060 2.364153?e+02 2.117205?e-07 1.452571?e+01 5.458429?e+01
0000100 1.015396?e+12 5.420045?e-05 9.447550?e+02 3.9532987e+21
0000120 7.724055?e-10 6.045525?e+28 2.3935423e+29 6.3722405e+10
0000140 3.6924210e-42
Admin