底下是兩個從實際案例修改而成的 SQL injection 小挑戰,很明顯有 SQL injection 的漏洞
要拿到 flag 不難,但我覺得有趣的是「要如何利用最少的 request,得到最多的資訊」
舉例來說,boolean based 一次只能拿到 true 或 false,資訊量就偏少
如果能直接 union 然後把結果 dump 出來,資訊量就大很多
因此這個挑戰的目的在於如何用最少的 request,得到最多的資訊量
Huli aszx87410
aszx87410
/ AngularTI.md
Created
August 18, 2021 07:43
— forked from mccabe615/AngularTI.md
Angular Template Injection Payloads
aszx87410
/ php_form_submit.md
Created
October 5, 2020 15:11
— forked from jesperorb/php_form_submit.md
PHP form submitting with fetch + async/await
If we have the following structure in our application:
- 📁 application_folder_name
- 📄 index.php
- 📄 handle_form.php
- 📄 main.js
And we fill our index.php with the following content just to get a basic website with a form working. You should be able to run this through a php-server of your choice.
It's the reply to the question raised by @getify on his twitter:
here's a variation on the question... will JS engines exhibit much performance difference between these two loops?
for (var i = 0; i < 100000000; i++) {
// do some stuff, but not closure
}
for (let i = 0; i < 100000000; i++) {
aszx87410
/ mediumUsersFollowedByCount.js
Created
June 30, 2019 21:32
— forked from newhouse/mediumUsersFollowedByCount.js
Medium API: get number of followers for User
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Example of how to get the number of followers for a Medium.com User. | |
| * | |
| * | |
| * Related links: | |
| * https://github.com/Medium/medium-api-docs/issues/30#issuecomment-227911763 | |
| * https://github.com/Medium/medium-api-docs/issues/73 | |
| */ | |
| // LODASH |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| function isPrime(n) { | |
| if (n === 1) return false; | |
| for (let i = 2; i < n; i++) { | |
| if (n % i === 0) { | |
| return false; | |
| } else { | |
| return true; | |
| } | |
| } | |
| } |
雖然我自己的課程是前後端都有教,而且兩者的比重其實前端多一些而已,但不知道是不是因為我自己是前端工程師的關係,我的學生們都對前端比較有興趣一點,所以大多數出去以後都在找前端工程師的工作。
找後端的應該也是有但還沒有成功案例,如果你是問自學而不是我的學生的案例的話,我這邊沒有案例可以分享,可能要自己 google 找找了。
熱情吧,從小時候就知道對寫程式很有興趣,有了熱情就能夠做下去,做下去就會越來越進步越來越專業然後得到相對的報酬或是讚賞 有了讚賞跟報酬以後就會越有自信繼續走下去,大概就是這樣的一個正向循環
aszx87410
/ config.json
Created
June 23, 2018 06:09
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| //.eslintrc | |
| { | |
| "env": { | |
| "browser": true, | |
| "es6": true, | |
| "node": true, | |
| "jest": true | |
| }, | |
| "parser": "babel-eslint", |
aszx87410
/ firebase_pre-request_script.js
Created
January 10, 2018 09:31
— forked from moneal/firebase_pre-request_script.js
Postman pre-request script to create a Firebase authentication JWT header.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * This script expects the global variables 'refresh_token' and 'firebase_api_key' to be set. 'firebase_api_key' can be found | |
| * in the Firebase console under project settings then 'Web API Key'. | |
| * 'refresh_token' as to be gathered from watching the network requests to https://securetoken.googleapis.com/v1/token from | |
| * your Firebase app, look for the formdata values | |
| * | |
| * If all the data is found it makes a request to get a new token and sets a 'auth_jwt' environment variable and updates the | |
| * global 'refresh_token'. | |
| * | |
| * Requests that need authentication should have a header with a key of 'Authentication' and value of '{{auth_jwt}}' |
aszx87410
/ firebase_pre-request_script.js
Created
January 10, 2018 09:31
— forked from moneal/firebase_pre-request_script.js
Postman pre-request script to create a Firebase authentication JWT header.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * This script expects the global variables 'refresh_token' and 'firebase_api_key' to be set. 'firebase_api_key' can be found | |
| * in the Firebase console under project settings then 'Web API Key'. | |
| * 'refresh_token' as to be gathered from watching the network requests to https://securetoken.googleapis.com/v1/token from | |
| * your Firebase app, look for the formdata values | |
| * | |
| * If all the data is found it makes a request to get a new token and sets a 'auth_jwt' environment variable and updates the | |
| * global 'refresh_token'. | |
| * | |
| * Requests that need authentication should have a header with a key of 'Authentication' and value of '{{auth_jwt}}' |
NewerOlder