Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Well, yes. If you were going to exploit CGI scripts you'd likely use wget or curl instead of coding an HTTP client from scratch so why is this suprising?


It's a little surprising because I'm tempted to classify this one as 'requires 0 lines of code'.


its pretty much the same for CGIs, its a one liner. theres other exploits like that. it happens :)




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: