Using escape characters: character injection and XSS without quotation marks

Source: Internet
Author: User

Disclaimer: this article is pure speculation. If anything here is nonsense, please tell me. Thanks.

In character-injection games, ' and " are often the key to whether you can break out of the constraints and attack, and that is where the escape character \ comes in.

\ can disable a quotation mark, and this lets us change the internal structure of the string.

SQL Injection

A login query in MySQL:

$db->query("Select * from a where username='$u' and pass='$p'");

Thinking of the universal login? But suppose $u and $p will not let you enter quotation marks?

In that case, we set $u to \ and $p to  or 1=1 #

$db->query("Select * from a where username='\' and pass=' or 1=1 #'");

OK

Of course, this only applies to MySQL. Databases such as MS do not provide an escape character. Magic quotes must also be off, because they escape \ as well. It is just a small conjecture for making use of a very small space.
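As an added example (not part of the original article): a simplified Python model of how MySQL reads single-quoted literals by default, used to check whether an input filter keeps the login query at exactly two string literals. The function names are illustrative, add_slashes models the magic-quotes behaviour mentioned above, and the inputs are the values from this article.

```python
def string_literals(sql):
    """Single-quoted literals as MySQL reads them by default (simplified model):
    a backslash escapes the next character, '' is a literal quote, and '#'
    outside a string starts a comment. Sequences like \\n are not decoded."""
    out, i = [], 0
    while i < len(sql):
        if sql[i] == "#":                  # comment: rest of the line is ignored
            break
        if sql[i] != "'":
            i += 1
            continue
        i, buf = i + 1, []                 # opening quote consumed
        while i < len(sql):
            if sql[i] == "\\" and i + 1 < len(sql):   # \x keeps x inside the literal
                buf.append(sql[i + 1]); i += 2
            elif sql[i:i + 2] == "''":                # doubled quote
                buf.append("'"); i += 2
            elif sql[i] == "'":                       # closing quote
                break
            else:
                buf.append(sql[i]); i += 1
        else:
            raise ValueError("unterminated string literal")
        out.append("".join(buf)); i += 1
    return out

def strip_quotes(s):
    # The filter the article assumes: quotation marks cannot be entered.
    return s.replace("'", "").replace('"', "")

def add_slashes(s):
    # Models PHP addslashes / magic quotes: escapes \ ' and " (NUL omitted).
    return "".join("\\" + c if c in "\\'\"" else c for c in s)

def build(u, p, clean):
    # Same string concatenation as the article's query.
    return "Select * from a where username='%s' and pass='%s'" % (clean(u), clean(p))

def structure_intact(u, p, clean):
    """True when MySQL still sees exactly two string literals."""
    try:
        return len(string_literals(build(u, p, clean))) == 2
    except ValueError:
        return False

if __name__ == "__main__":
    for clean in (strip_quotes, add_slashes):
        sql = build("\\", " or 1=1 #", clean)
        print(clean.__name__, string_literals(sql), structure_intact("\\", " or 1=1 #", clean))
```

With the quote-only filter the two literals collapse into one and the rest of $p is parsed as SQL; once \ is escaped as well, both inputs stay data. In real code, bind $u and $p as parameters of a prepared statement instead of filtering them.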

XSS

Work und

<Script>

A = ""; B = "<script> alert () </script> //"

<Script>

I don't know if this is the case. If it is not, I will not say it...

 

 

In addition, sometimes, if the system converts " into \", we can turn it into \\", but only if it converts " without converting \. It seems like magic.

Summary

In the final analysis, this is a question of invalidating quotation marks (that is, whether the quotation marks can be closed).

It has to be a combination of several characters, just like the two-character combinations /* and */ in XSS.

For SQL injection it may be of little practical value.

However, it seems that XSS should leave some room to extend this with escape characters and comments.

 

Finally, I don't know anything; this is just a little speculation. I feel that the XSS code may be wrong. Please help me correct it. Thanks.

@ Wait for a day to learn the script well

Also, I hate typing.
