Penetration Testing (WAPT) 171

webhoneypot: Web Application Honeypot webhoneypot is a DShield Web Application Honeypot offering this honeypot for users to capture automated web application exploits. It is a very simple “semi interactive” honeypot implemented in PHP. webhoneypot project is used to develop the honeypot. Do not use this code to install a honeypot unless you are interested in helping development. Prerequisites for installing webhoneypot.dshield.org acco.. 2012. 7. 12.
MySQL Injection : Step By Step Tutorial Learn How To Hack SQL Injection attacks are code injections that exploit the database layer of the application. This is most commonly the MySQL database, but there are techniques to carry out this attack in other databases such as Oracle. In this tutorial I will be showing you the steps Step or www.site.com/id=5 If the database is vulnerable, the page will spit out a MySQL error such as; Warning: .. 2012. 6. 20.
6.5 Million LinkedIn Hacked Passwords LinkedIn, one of the biggest professional social networks, has suffered a major breach of its user password database. The attack was confirmed on Wednesday afternoon by Vicente Silveira, Director at LinkedIn, and was followed by an apology to the affected LinkedIn users who now have a hacked password. A file containing nearly 6.5 million hacked passwords was published on a Russian online forum. .. 2012. 6. 11.
sqlcake: Automatic SQL injection and database information gathering tool sqlcake is an automatic SQL injection and database information gathering exploitation kit written in Ruby. It’s designed for system administration and penetration testing. It offers a few useful functions to gather database information easily by sql injection usage. It also allows you to bypass magic quotes, dump tables and columns and gives you the possibility to run an interactive MySQL shell... 2012. 5. 30.
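Advanced SQL Injection: Summary of Attack Cases 1 Overview 1.1 SQL Query 1.2 DML & DDL 1.3 Metadata 1.4 Web Applications 1.5 Common Vulnerable Login Queries 2 SQL Injection Testing Methodology 1) Input Validation 2) Information Gathering 3) 1=1 Attacks 5) OS Interaction 6) OS Command Prompt 7) Extended Effects 3 Evasion Techniques 3.1 Overview 3.2 Bypassing IDS “signature” 3.3 Bypassing Input Validation 3.4 Evasion and Bypass 4 SQL Injection Countermeasures 4.1 Overview 4.2 Detection and Restriction 4.3 Conclusion ※ References and Documents 1 Overview SQL is the standard Structured Query Language and gives users access to databases. Currently, SQL99 is the standard for the SQL language in most cases. SQL.. 2012. 5. 21.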