2018.6.21
文章:SQL Attack(Constraint-based) 中文:基于约束条件的SQL攻击
Contraint-based:基于约束; Contraint:约束;
Herein:于此; Vulnerability:漏洞; eg:Herein, i would like to disscuss another kind of vulnerability related to SQL databases which i as dangerous as SQL Injection;
Demonstrate:演示; Strategies(Strategy):策略;
Filter:过滤; Parameter(s):参数;
eg:Use single quotes(') for additional security 使用单引号来提高安全性。
Crucial:关键; eg:It is crucial to understand a few points before talking about the attack.
Performing:执行; eg:While performing string handling in SQL. 在sql执行字符串查询时。
Clause:子句; eg:such as strings in WHERE clause. 如where子句中的字符串。
Trimming:修剪; Trailing:尾随; eg:Note that this trinmming of trailing whitespaces is done monstly during 'string comparison'. 请注意,尾随空格的修剪大部分是在“字符串比较”期间完成的。
Internally:在内部; Pad:填充; eg:This is because, internally, SQL pads one of the strings with whitespaces so that their length matches before comparing them. 这是因为在内部SQL用空格填充其中一个进行比较的字符串,一边在比较他们之前匹配他们的长度。
Enforce:强制,执行; In case:如果; eg:In any INSERT query, SQL enforces maximum length constraints on varchar(n) by just using the first 'n' characters of the string (in case the length of the string is more than 'n' characters). 在任何INSERT查询中,SQL通过仅使用字符串的前n个字符(如果字符串的长度超过'n'个字符)来强制varchar(n)上的最大长度约束。
Entry:条目; Manually:手动;
************************************************************************************************************
文章:SQL injection that gets around mysql_real_escape_string()
Constructe:构造; Numerous:众多;
Execute:执行; Multiple:多
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2018.6.22
文章:What is this SQL injection doing?
Long story short:长话短说; Unfilter:没过滤;
Charset:字符集; Weird:奇怪的;
Probing:探测; Portion:一部分;
Retrieve:取回; Crack:破解;
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
2018.6.23
文章:Difference between<?php?> and <script language="php"></script>
在刷bugku的文件包含2时遇到的题目,可以说是第一次做这种类型的题目 也是第一次遇到这种姿势特地搜索了下该姿势。
Tutorial:教程; Tag:标签; eg:I was simply goging through the turorial of PHP there i found that we can write our PHP code using <script languaga="php"></script> tag also.
Depracted:弃用; Depracte:藐视;
Trip over:绊倒;
Eg:突然查询到这些区别 然后请移步:文件包含里的文件包含2
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
471
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
