05-28-2023, 02:30 PM
who can give instructions or recommendations on sql inject ?
var unreadAlerts = '1';
SQL injeck |
05-28-2023, 02:30 PM who can give instructions or recommendations on sql inject ? 05-28-2023, 06:02 PM 06-06-2023, 01:06 AM do you know SQL? If you don't, then that is your first step. Second would be to implement a simple database connection in a language of your choice. You will understand how SQL injections work and happen that way. You likely have defaulted to string concatenation for your SQL strings that is however what causes SQL injections, you should always use prepared statements instead and use the database drivers functionality to supply arguments. There still might be problems with the input, so you have to do sanity checks on the data provided also. Usually this can be done in the database directly using PL/SQL but using client side checks is more common now. Client side means client to the database and is usually still on the server a customer or anything should never run software that has direct database access ofc. 06-07-2023, 08:26 AM this maybe could help you out anonfiles.com/q9Sb4aebba/SQL_Injection_Tutorial.pdf 06-15-2023, 05:21 AM If you're learning, take a look at Hack The Box and search for SQL Injection machines aha@lake.money TOX: E9D179114E95EC8FA4F5E35AFA3730C02A820E6AC390EB256B43117E507BB62BAC5A381CBBF4 |
« Next Oldest | Next Newest » |