Tencent Daniu pro Web end vulnerability analysis and defense skills

Download:Tencent Daniu pro Web end vulnerability analysis and defense skills

The project is finally online, but there are security threats. Are you afraid? This course demonstrates XSS, CSRF, click hijacking, SQL injection and other major security issues and defense measures with a practical project, to dispel your concerns about project security, for their own development of the project to hold up an umbrella.

This course is an introductory course for Web security, learning the principle of Web security from scratch, suitable for certain development experience, want to improve their code security; Or a developer who wants to work in security

Technical skills: Familiar with HTML, JavaScript, Node.js, Koa, PHP, MySQL, SQL injection

SQL injection is the behavior that the server side does not strictly verify the data sent by the client, so the SERVER side SQL statement is maliciously corrected and successfully executed.

Essence: User input data is executed as code. Any central interaction with the database is likely to have injection.

SQL injection Type Data transmission: GET POST COOKIE

Data type: Integer character type

Injection form: combined with the query error report Boolean blind injection time blind injection push query

The common steps of SQL injection determine whether changes in injection-controlled parameters can affect the results of a page. —-> If an error is reported in the database, you can see the statement trace of the database. Whether the entered SQL statement does not report errors —-> the statement can be successfully closed. Check whether the injection-type statement can be corrected by malicious intent and whether it can be executed to get the data we want

MySQL allows an “information_schema” database to be stored in the database with three important table names schemata,tables, and columns.

The schemata table stores the database names of all databases created by the user. The field name is schema_name.

The tables table stores the database names and table names of all databases created by the user. The database database name and table name fields are table_SCHEMA and table_name respectively.

Columns Specifies the name of the database where all columns are stored. The columns are table_schema,table_name, and column_name respectively.

Select the field name from the database name. Table name select the name of the field to be queried from the database name. Table name WHERE known field name = ‘known field value’ SELECT the field name from the database name. Name of the table where the known conditions field name 1 = ‘the value of the known conditions 1 and 2 the condition of known field name =’ 2 the value of the known conditions limit usage limit m, n m record the position of the beginning, from zero beginning said first documented; N means take n records.

The important function database() is the database used by the current site. Version () Indicates the current MySQL version. User () Indicates the current MySQL user. @@datadir Database approach. @@version_compile_OS OS version concat(STR1, STR2…) Concatenate string concat_ws(separator,str1,str2…) without separator. Concatenation string with delimiters group_concat(str1,str2…) Concatenate all strings in a group and separate each data comment with a comma. Common comments are: # — space /**/ expressed in the URL as: %23 –+