Quote (StormHasHe @ Nov 28 2012 06:28am)
Yeah... And that's how you can get session hijacked as well =/
Only if your hash function is retarded and/or if you're communicating through a secure layer. Of course, if you're doing stuff in the clear without signature verification, it really doesn't matter anyway.
This post was edited by irimi on Nov 28 2012 01:13pm