Difference between revisions of "SQLi"

From Prof. Vinicius Vieira
(Created page with "teste")
 
Line 1: Line 1:
teste
+
== Links Importantes ==
 +
 
 +
O que é um ataque do tipo SQL Injection | https://portswigger.net/web-security/sql-injection
 +
 
 +
Cheat Sheet para SQLi | https://portswigger.net/web-security/sql-injection/cheat-sheet
 +
 
 +
 
 +
== Exemplo de código fonte vulnerável (PHP) ==
 +
 
 +
 
 +
  $query = "SELECT * FROM users WHERE user='" .
 +
  $_POST['username'] . " ' AND password=' " .
 +
  $_POST['password'] . " ' ";
 +
  $response = mysql_query($query) ;
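Review bot: The added PHP example has spaces inside the SQL quotes in the literals " ' AND password=' " and " ' ", so the submitted values are compared with padding spaces around them, which is presumably not intended; drop those spaces so the snippet shows only the concatenation flaw. The section would also benefit from one sentence stating why the code is vulnerable (the $_POST values are concatenated into the query unescaped) and a note that mysql_query() belongs to the old mysql extension, which was removed in PHP 7.0.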

Revision as of 16:50, 31 March 2021

Important Links

What is a SQL Injection attack | https://portswigger.net/web-security/sql-injection

SQLi Cheat Sheet | https://portswigger.net/web-security/sql-injection/cheat-sheet

Example of vulnerable source code (PHP)

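 // VULNERABLE (intentionally): $_POST values are concatenated into the SQL string unescaped.
 // mysql_query() belongs to the old mysql extension, which was removed in PHP 7.0.
 $query = "SELECT * FROM users WHERE user='" .
 $_POST['username'] . "' AND password='" .
 $_POST['password'] . "'";
 $response = mysql_query($query);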
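For contrast with the vulnerable snippet above, here is a hardened version of the same login lookup, added as an example and not part of the original wiki page. It uses a PDO prepared statement and checks the password against a stored hash with password_verify() rather than comparing it inside the SQL. Assumptions: an in-memory SQLite database stands in for MySQL, the `password_hash` column and the helper names `make_demo_db` and `check_login` are hypothetical, and the accounts are constructed sample data.

```php
<?php
// Added example, not from the original page. Requires the pdo_sqlite extension.
declare(strict_types=1);

// Builds a throwaway database with constructed sample accounts.
function make_demo_db(): PDO
{
    $pdo = new PDO('sqlite::memory:');
    $pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
    // "password_hash" is a hypothetical column replacing the plaintext "password".
    $pdo->exec('CREATE TABLE users (user TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');
    $ins = $pdo->prepare('INSERT INTO users (user, password_hash) VALUES (:u, :h)');
    // One user name contains a quote character on purpose.
    foreach (["alice" => "correct horse", "o'brien" => "battery staple"] as $u => $p) {
        $ins->execute([':u' => $u, ':h' => password_hash($p, PASSWORD_DEFAULT)]);
    }
    return $pdo;
}

function check_login(PDO $pdo, string $username, string $password): bool
{
    // The SQL text is fixed; the user name is sent separately as a bound value,
    // so quote characters in it cannot change the structure of the statement.
    $stmt = $pdo->prepare('SELECT password_hash FROM users WHERE user = :u');
    $stmt->execute([':u' => $username]);
    $hash = $stmt->fetchColumn(); // false when no row matches
    // The password never enters the SQL; it is verified against the stored hash.
    return is_string($hash) && password_verify($password, $hash);
}

$pdo = make_demo_db();
var_dump(check_login($pdo, "alice", "correct horse"));    // valid credentials
var_dump(check_login($pdo, "o'brien", "battery staple")); // quote in a legitimate name
var_dump(check_login($pdo, "o'brien", "wrong"));          // wrong password
var_dump(check_login($pdo, "alice'", "correct horse"));   // stray quote is plain data
```

In the concatenated version the last two inputs containing a quote would alter or break the SQL text; here they are only compared as values.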