|
|
|
|
|
|
|
|
|
|
|
|
|
35, 1/2 |
|
supershop | |||||||
[ÄÚµå°ÔÀÌÆ®2011] vuln 100 ¹¹ÁÒ;;; | |||||||
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_CTF&no=14 [º¹»ç]
Hit : 3864 Date : 2011/03/07 07:36
|
|||||||
¸Û¸Û | vuln100Àº µÎ °¡Áö ¹æ¹ýÀ¸·Î Ç® ¼ö ÀÖ½À´Ï´Ù. Çϳª´Â xxx.php.mp3·Î ÆÄÀÏÀ» ¿Ã·Á¼ À¥ ½©À» ½ÇÇàÇÏ´Â °ÍÀÌ°í, ´Ù¸¥ Çϳª´Â SQL Injection ¹®Á¦¿´½À´Ï´Ù. ID3 TAG¿¡ sql¹®À» ³Ö¾î¼ Àüü Å×À̺í Á¤º¸¸¦ ȹµæÇÑ ÈÄ key°¡ ´ã±ä Å×À̺íÀ» ã¾Æ¼ sub query·Î ¹Þ¾Æ¿À¸é µË´Ï´Ù. |
2011/03/11 | |
|
|