Hacker News new | past | comments | ask | show | jobs | submit login

Is it damage if you're just sending data to an endpoint to see what happens. Sounds like he didn't try to send a SQL Injection, he just sent more characters than what was expected.



Yes. It's even damage if you're sending expected requests, but the owner of the server didn't want you to. See: Aaron Schwartz.




Consider applying for YC's Spring batch! Applications are open till Feb 11.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: