Injection into interpreted languages is a very broad topic, encompassing many
different kinds of vulnerability and potentially affecting every component of a
web application’s supporting infrastructure. The detailed steps for detecting
and exploiting code injection flaws are dependent upon the language that is
being targeted and the programming techniques employed by the application’s
developers. In every instance, however, the generic approach is as follows:
■ Supply unexpected syntax that may cause problems within the context of
the particular interpreted language.
■ Identify any anomalies in the application’s response that may indicate
the presence of a code injection vulnerability.
■ If any error messages are received, examine these to obtain evidence