JUST GOT HACKED
Tim Delaney
timothy.c.delaney at gmail.com
Tue Oct 1 19:48:30 EDT 2013
On 2 October 2013 09:28, Νίκος <nikos.gr33k at gmail.com> wrote:
>
> con = pymysql.connect( db = 'mypass', user = 'myuser', passwd =
> 'mysqlpass', charset = 'utf8', host = 'localhost' )
>
> That was viewable by the link Mark have posted.
>
> But this wasnt my personal's account's login password, that was just the
> mysql password.
>
> Mysql pass != account's password
Because there's no chance with the brilliance you display that there could
be any possibility of login details being kept in plaintext in your
database.
And of course your database is so well locked down that no attacker with a
login to it could then execute arbitrary code on your system.
And there's also zero chance that your personal account login details are
also available in plaintext somewhere that you're unaware of.
Tim Delaney
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/python-list/attachments/20131002/f44e52fa/attachment.html>
More information about the Python-list
mailing list