A nice look at the initial disclosure of SQLi and early history of SQLi: http://wh1t3rabbitfail.wordpress.com/2012/12/31/worst-april-fools-joke-ever-2/ … (by @attritionorg)
@stevewerby Litchfield's paper and a Twitter discussion a few weeks back gave me pointers to all the references/papers I had forgotten. =)
@attritionorg Thanks for putting it together in one place. :) Hard to believe it's been 14 years, though admittedly not on my radar til ~03.
@attritionorg To be fair, in the article @Wh1t3Rabbit doesn't claim they knew at the time there were SQLi vulns, only that they existed.
@thegruntingfrog read the quoted text. you can try your best to dance around words, but @Wh1t3Rabbit is saying SQLi at the time.
@attritionorg @Wh1t3Rabbit My reading of it tends toward "the vulns existed (in retrospect), and it appears that they were exploited."
@thegruntingfrog OK, read it in the context of my reply. Exploitation of SQLi was pretty rare then. How would @Wh1t3Rabbit know?