Security by obscurity...



  • Hello...

     Here is another little gem I found. I am working on a system and I needed to create a user. It's a simple setup in the DB with a User, Roles, and a UserRole table...

     So I created a user, and wanted to add myself to the appropriate roles.. The Roles table has 4 entries and I challenge you to name me one possible role I could have picked :D

    Server

    Switch

    Router

    Hub



  • Was your username 3Com? :¬)



  • Well I guessed Zeus, Thor, or Jupiter as a synonym for root. But I was wrong.

    What did each of the roles actually MEAN? 



  • Well..

     

    The Roles table also has an ID field, so it's

    1 - Server

    2 - Switch etc...

    Inside the source there is never a check against a role, only against the ID values...

    From double checking the source:

    Server = Read

    Switch = Read/Write

    Hub/Router = Exception/Undefined behavior/NO behavior ;) (Depends on the class)

     


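Added example, not part of the thread or of the system's source: the ID-only check described in the last post next to a deny-by-default grant table, plus a check that lists roles present in the table but never granted anything. The function names are hypothetical, and IDs 3 and 4 for Router and Hub are assumed from the order the roles were listed in.

```python
from enum import Flag, auto

class Perm(Flag):
    NONE = 0
    READ = auto()
    WRITE = auto()

# Roles table as described in the thread. IDs 1 and 2 are from the post;
# IDs 3 and 4 for Router and Hub are assumed from the listing order.
ROLES = {1: "Server", 2: "Switch", 3: "Router", 4: "Hub"}

def legacy_can_write(role_id):
    """Pattern from the post: compare raw IDs, no branch for the rest."""
    if role_id == 1:      # "Server" = Read
        return False
    if role_id == 2:      # "Switch" = Read/Write
        return True
    raise LookupError(f"no behaviour defined for role id {role_id}")

# Hardened form: one explicit grant table; anything missing grants nothing.
GRANTS = {1: Perm.READ, 2: Perm.READ | Perm.WRITE}

def effective_perms(role_ids):
    """Union of grants over a user's UserRole rows, deny by default."""
    perms = Perm.NONE
    for rid in role_ids:
        perms |= GRANTS.get(rid, Perm.NONE)
    return perms

def is_allowed(role_ids, needed):
    """True only if every requested permission bit has been granted."""
    return (effective_perms(role_ids) & needed) == needed

def unmapped_roles():
    """Roles that exist in the table but have no grant; flag at startup."""
    return [name for rid, name in sorted(ROLES.items()) if rid not in GRANTS]

if __name__ == "__main__":
    print(unmapped_roles())
    print(is_allowed([3, 4], Perm.READ))
```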