Greek company is hiring. Hooorayyyy. They want some HTML/PHP/MySQL registration form. A friend of mine sends his CV along with the registration form. They contact him and schedule a presentation of the form with their chief PHP developer.
Time for the chief PHP developer to ask him a few questions.
-I saw that the password is encrypted. How do you decrypt it?
For fuck’s sake. I guess that when the guy hears hash functions thinks of marijuana.
-I would block multiple HTTP requests by modifying the Apache.
Yes, cause we haven’t invented neither firewalls nor sessions. I would mention IDS/IPS, apache mod_sec etc but I would go too far.
-The way you check for the required fields is HTML 5.
-Posting the same parameter always leads to SQLi.
It may lead to DDoS. I’d say port knocking as well but…
I’d say that these guys should be unemployed etc but… That company is hired by the greek public sector. Can you spot the irony?