incubator-cassandra-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Edward Capriolo <edlinuxg...@gmail.com>
Subject Re: "SQL" Injection C* (via CQL & Thrift)
Date Thu, 20 Jun 2013 18:56:48 GMT
My first interaction with cassandra: ../nodeprobe -p 9160 ...
Hum I can't seem to reach it :) Ow its no longer running...

You've come along way baby.


On Thu, Jun 20, 2013 at 12:59 PM, Robert Coli <rcoli@eventbrite.com> wrote:

> On Thu, Jun 20, 2013 at 2:15 AM, aaron morton <aaron@thelastpickle.com>
> wrote:
> >> As for the thrift side (i.e. using Hector or Astyanax), anyone have a
> crafty way to inject something?
> >
> > The only thing I've ever heard of coming close was a thrift bug that
> allowed a malformed request to crash the server. But that was a while ago
> https://issues.apache.org/jira/browse/CASSANDRA-475
>
> Oh, that brings me back. Literally my first interaction with a
> cassandra server :
>
> - start cassandra
> - telnet localhost 9160
> - "asdasdasdasdsa"
> - "Connection reset by peer"
> - notice server has crashed
>
> Not *really* a Cassandra bug, but hilarious nonetheless. :)
>
> =Rob
>

Mime
View raw message