GHDB « Hackers For Charity

GHDB

GHDB

Google Search: intitle:"Admin Login" "admin login" "blogware"

Fr0zen rates this entry 2 out of 10.
Submitted: 2005-09-25 00:00:00
Added by: Fr0zen
Hits: 4417
Score: 2

Blogware Login Portal: "An exciting and innovative tool for creating or enhancing your web presence. It is your key to easy publishing on the World Wide Web – share pictures, video, links, documents, newsletters, opinions and more, with family, friends and colleagues. Now you can have a website without being a Webmaster. It’s simple! There is no HTML to learn and no new software to download and install."


Comments:

2005-11-10 11:17:51 (skank): Once again very scary. Also try using intitle:"Admin Login" "superadmin login" "blogware" -.edu -.gov

2005-11-10 22:36:09 (anotherNoobs): On a random web site i found:

Just type your username and click the send button and an email will be sent to you with a 'Confirmation Code'. After you receive the confirmation code, re-type your username and the 'Confirmation Code' into the form. After this form is submitted, a new password will be generated and emailed back to you.


Could you tell me why this back and forth system is safer ?

I think (i'm probably wrong) that send password to an email adressexpose you if the mailbox is unproperly locked, what is the difference with this system ? his question is probably meaningless for an experimented guy but i started studyin IT 2 years ago and and just bougth a french translation of your book few hours ago...

If this question is out of place here be nice and give me a link to a more basic tutorial/website plz.


2005-11-16 18:29:57 (anotherNoobs): I can't understand why you don't even post an answer. I was not agressive and didn't say ur site is badly build, i'm just not founded to do that. I just pointed than in ur book u explain that password recovery is a potential liability and asked to explain why youor system is not exposed.

I hope to have an answers 'cause your book hooked me.