SQLi

From Prof. Vinicius Vieira
Revision as of 16:50, 31 March 2021 by Admin (talk | contribs)

Important Links

What is a SQL Injection attack | https://portswigger.net/web-security/sql-injection

SQLi Cheat Sheet | https://portswigger.net/web-security/sql-injection/cheat-sheet


Example of vulnerable source code (PHP)

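 // Vulnerable on purpose: user input is concatenated straight into the SQL text.
 $query = "SELECT * FROM users WHERE user='" .
 $_POST['username'] . "' AND password='" .
 $_POST['password'] . "'";
 // mysql_query() is the legacy ext/mysql API (removed in PHP 7).
 $response = mysql_query($query);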
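
The hardened counterpart of the snippet above, as an added example that is not part of the original page: the same login lookup written with a PDO prepared statement, so the username is bound as data instead of being concatenated into the query. The in-memory SQLite database, the `password_hash` column, the sample user and the `check_login` function are assumptions made for this example.

```php
<?php
declare(strict_types=1);

// Added example: parameterized login check. Table layout, sample user and
// function name are hypothetical, not taken from the original page.
function check_login(PDO $db, string $username, string $password): bool
{
    // The SQL text is fixed; :user is a placeholder bound separately as data.
    $stmt = $db->prepare('SELECT password_hash FROM users WHERE user = :user');
    $stmt->execute([':user' => $username]);
    $hash = $stmt->fetchColumn();

    // Verify against a stored hash instead of matching the password in SQL.
    return is_string($hash) && password_verify($password, $hash);
}

// Constructed in-memory database so the example runs offline.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE users (user TEXT PRIMARY KEY, password_hash TEXT NOT NULL)');

// Constructed sample account; the name contains a quote character on purpose.
$ins = $db->prepare('INSERT INTO users (user, password_hash) VALUES (?, ?)');
$ins->execute(["o'brien", password_hash('correct horse', PASSWORD_DEFAULT)]);

var_dump(check_login($db, "o'brien", 'correct horse')); // valid credentials
var_dump(check_login($db, "o'brien", 'wrong'));         // wrong password
var_dump(check_login($db, "nobody'", 'x'));             // quote stays data, no SQL error
```

With a MySQL backend the same function works against a `mysql:` DSN; setting `PDO::ATTR_EMULATE_PREPARES` to `false` there makes the driver use server-side prepared statements.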