AbcLinuxu portal, 11 May 2025 10:36
<?php
header('Content-Type: text/html; charset=utf-8');
// Echo the "s" request parameter, escaped with htmlspecialchars() default flags
echo htmlspecialchars(@$_REQUEST['s']);

I'm testing it with skipfish:

skipfish -u -o test "http://localhost/test.php?s=hello"

And it reports:

High risk: system compromise: Query injection vector (1)
http://localhost/test.php?s=hello'" [ show trace + ]
Memo: response to ''''"""" different than to '"'"'"'"

The trace is:

=== REQUEST ===
GET /test.php?s=hello'" HTTP/1.1
Host: localhost
Accept-Encoding: gzip
Connection: keep-alive
Range: bytes=0-399999
User-Agent: sfish'"
Referer: sfish'"
Accept-Language: sfish'",en

=== RESPONSE ===
HTTP/1.1 200 Partial Content
Date: Tue, 24 Jan 2017 11:39:35 GMT
Server: Apache/2.4.18 (Ubuntu)
Content-Range: bytes 0-11/12
Content-Length: 12
Keep-Alive: timeout=5, max=92
Connection: Keep-Alive
Content-Type: text/html; charset=utf-8

hello'"
=== END OF DATA ===

How could this be exploited? Is it really a flaw?
Unfortunately, no one has answered the question yet.
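An added example, not part of the original post: it runs the three values from the skipfish report through `htmlspecialchars()` with explicit flags, to show which quote characters the script actually encodes and that the traced `Content-Length: 12` is consistent with `ENT_COMPAT` output. The `render()` helper is hypothetical, and the PHP version on the poster's server is not stated, so the flag sets are given explicitly as an assumption.

```php
<?php
// Added example, not the poster's code: what test.php returns for the values in
// the skipfish report. Flags are passed explicitly so the result does not depend
// on the PHP version (ENT_COMPAT was the default before PHP 8.1, ENT_QUOTES since).

// Hypothetical helper standing in for the echo line in test.php.
function render(string $s, int $flags): string
{
    return htmlspecialchars($s, $flags, 'UTF-8');
}

// Values copied from the report: the traced parameter and the two memo probes.
$inputs = ["hello'\"", "''''\"\"\"\"", "'\"'\"'\"'\""];

$modes = [
    'ENT_COMPAT' => ENT_COMPAT | ENT_HTML401, // encodes the double quote only
    'ENT_QUOTES' => ENT_QUOTES | ENT_HTML401, // encodes double and single quotes
];

foreach ($modes as $name => $flags) {
    echo "== $name ==\n";
    foreach ($inputs as $in) {
        $out = render($in, $flags);
        printf("%-12s -> %-52s (%d bytes)\n", $in, $out, strlen($out));
    }
}

// Check 1: does the ENT_COMPAT body for s=hello'" have the 12 bytes the trace reports?
$body = render("hello'\"", ENT_COMPAT | ENT_HTML401);
var_dump(strlen($body) === 12);

// Check 2: is a raw single quote still present in that body?
var_dump(strpos($body, "'") !== false);

// Check 3: the script reflects its input, so the two memo probes give different
// bodies, which is the condition the memo line states.
$a = render("''''\"\"\"\"", ENT_COMPAT | ENT_HTML401);
$b = render("'\"'\"'\"'\"", ENT_COMPAT | ENT_HTML401);
var_dump($a !== $b);

// Check 4: with ENT_QUOTES no raw quote character of either kind remains.
$strict = render("hello'\"", ENT_QUOTES | ENT_HTML401);
var_dump(strpbrk($strict, "'\"") === false);
```

Run it with `php` on the command line; the per-flag table shows the encoded form of each probe next to its byte length for comparison with the trace.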
ISSN 1214-1267, (c) 1999-2007 Stickfish s.r.o.