”The Hacker Webzine” har en bra ”cheat sheet” om du vill testa din mysql applikation… http://www.0x000000.com/?i=14
T.ex.
Basics
SELECT * FROM login /* foobar */
SELECT * FROM login WHERE id = 1 or 1=1
SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE ”%root%”
Use inside login form:
1′ OR 1=1–
1′ OR ’1’ = ’1
”The Hacker Webzine” har en bra ”cheat sheet” om du vill testa din mysql applikation… http://www.0x000000.com/?i=14
T.ex.
Basics
SELECT * FROM login /* foobar */
SELECT * FROM login WHERE id = 1 or 1=1
SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE ”%root%”
Use inside login form:
1′ OR 1=1–
1′ OR ’1’ = ’1
————————————————————————-
HANDY ONE-LINERS FOR SED (Unix stream editor) Apr. 26, 2004
compiled by Eric Pement – pemente[at]northpark[dot]edu version 5.4
Latest version of this file is usually at:
http://sed.sourceforge.net/sed1line.txt
http://www.student.northpark.edu/pemente/sed/sed1line.txt
This file is also available in Portuguese at:
http://www.lrv.ufsc.br/wmaker/sed_ptBR.html
FILE SPACING:
# double space a file
sed G
# double space a file which already has blank lines in it. Output file
# should contain no more than one blank line between lines of text.
sed ’/^$/d;G’
# triple space a file
sed ’G;G’
# undo double-spacing (assumes even-numbered lines are always blank)
sed ’n;d’
Fortsätt läsa
Fick ett spam som jag unders?kte lite n?rmare, inte kastade det som vanligt.
Det var ett mail d?r det stog s? h?r (klicka INTE p? l?nkarna):
Surprise! You’ve just received a xvglue . com! Greeting
from from ”Angelina” ([email protected])!
To view this greeting card, click on the following
Web address at anytime within the next 30 days.
http://xvglue . com/?6d2989907cd64e28cae3d7703a3b01b
Enjoy!
The xvglue . com! Greetings Team
N?r jag unders?kte sidan dit man kom s? s?g jag att sidan f?rs?kte ladda ner ett par olika program som den t?nkte k?ra p? min dator. Dom programmen skulle ha utnyttjat ett rykande f?rsk s?kerhetsh?l i windows och Internet Explorer. (Jag gjorde min unders?kning i en s?ker linuxmilj?).
Sidan skapade inget knas om jag anv?nde Firefox 😉
Men h?r ser man faran av att klicka p? l?nkar i brev som man f?r, hade jag klickat p? l?nken f?r att l?sa mitt ”e-kort” och anv?nt en o-patchad Internet Explorer s? hade jag varit r?kt.
Ett h?l den f?rs?kte utnyttja finns beskrivet h?r: http://didierstevens.wordpress.com/2007/04/10/and-this-time-the-vector-is-the-animated-cursor-again/
© 2025 Editio Princeps
Tema av Anders Noren — Upp ↑