Websec - Level 1
Level 1 $userDetails = $lo->doQuery ($_POST['user_id']); # POST 입력값(user_id)을 검증 없이 그대로 doQuery 메서드에 전달하고, 리턴값을 userDetails 변수에 저장. $query = 'SELECT id,username FROM users WHERE id=' . $injection . ' LIMIT 1'; # d...
정리글 모음 Link blog.ssrf.kr/40 Server-side Advanced - SQL Injection DBMS 종류 별 공격 기법 요약 Server-side Advanced - SQL Injection SQL Injection select id from table where id=...
Output print(*objects, sep=' ', end='\n', file=sys.stdout, flush=False) objects : 출력할 값들 sep : 구분자 end : 마지막에 출력할 값 ...
level 1 <% str = Request("str") If not str = "" Then result = Replace(str,"a","aad") result = Replace(result,"i","in") result1 = Mid(result,2,2) result2...
incubus query : {"$where":"function(){return obj.id==''&&obj.pw=='';}"} <?php include "./config.php"; login_chk(); $db = mongodb_connect(); if(preg_match('/prob|_|\(/i', $_GET['...
siren query : {"id":null,"pw":null} <?php include "./config.php"; login_chk(); $db = mongodb_connect(); $query = array( "id" => $_GET['id'], "pw" => $_GET['pw'] ); ech...
cerberus query : {"id":null,"pw":null} <?php include "./config.php"; login_chk(); $db = mongodb_connect(); $query = array( "id" => $_GET['id'], "pw" => $_GET['pw'] ); ...
kraken query : select id from member where id='' and pw='' <?php include "./config.php"; login_chk(); $db = mssql_connect("kraken"); if(preg_match('/master|information|;/i', $_GET['id']...
mummy query : select <?php include "./config.php"; login_chk(); $db = mssql_connect("mummy"); if(preg_match('/master|sys|information|;|\(|\//i', $_GET['query'])) exit("No Hack ~_~");...
yeti query : select id from prob_yeti where id='' and pw='' <?php include "./config.php"; login_chk(); $db = mssql_connect("yeti"); if(preg_match('/master|sys|information|;/i', $_GET['i...