|
|
|
|
|
|
|
|
|
|
|
|
|
214, 6/11 |
|
kmc8724 | |||||||
SQL Injection °ø°Ý±â¹ý Áú¹®µå¸³´Ï´Ù. | |||||||
http://www.hackerschool.org/HS_Boards/zboard.php?id=QNA_Web&no=151 [º¹»ç]
Hit : 4748 Date : 2013/07/03 03:15
|
|||||||
rubiya | ½Ì±ÛÄõÅÍ ÇѱÛÀÚ¸¦ ġȯÇÒ¶§´Â replace¸¦ ¿ìȸÇÒ¼ö´Â ¾øÁö¸¸ ÀԷ¹޴°÷À» ½Ì±ÛÄõÅÍ·Î ¹Áö ¾Ê¾Ò´Ù¸é °ø¹é¹®ÀÚ(%20)¸¦ »ç¿ëÇؼ select * from table where no=1 ¿¡´Ù°¡ select * from table where no=1 union select ... ÀÌ·±½ÄÀ¸·Î ¿øÇÏ´Â Äõ¸®¸¦ µ¡ºÙÀÏ ¼ö ÀÖ½À´Ï´Ù. ½Ì±ÛÄõÅÍ ÀÚü¸¦ ÇÊÅ͸µÇÒ°æ¿ì¿¡´Â ±× ¿Ü¿¡´Â °ø°ÝÀÌ ºÒ°¡´ÉÇÑ°É·Î ¾Ë°íÀÖ½À´Ï´Ù. |
2013/07/04 | |
kmc8724 | rubiya / ·çºñ¾ß´Ô ¸ÕÀú ¼ÒÁßÇÑ ´äº¯ °¨»çµå¸³´Ï´Ù(_ _) °øºÎ°¡ ‰ç½À´Ï´Ù. * ÀÌ·±°Íµµ replace·Î ¸·Àº»óÅÂ¸é ¾Æ¾Ö SQL injection°ø°ÝÀÌ ºÒ°¡´ÉÇϰԵdz׿ä? ±×·¯¸é ´Ù¸¥ °ø°Ý±â¹ýÀ¸·Î ÇØÅ·À» ½ÃµµÇؾßÇϴ°ǰ¡¿ä? |
2013/07/04 | |
rubiya | ³× ´Ù¸¥ ¹æ¹ýÀ» ã¾Æº¸½Ã´Â°Ô ÁÁ¾Æº¸À̳׿䤻 | 2013/07/05 | |
|
|