vimwiki/tech/sqli.wiki


2022-02-28 21:00:01 +00:00
= SQLI =
SQLI or SQL injection is a type of attack where SQL is placed into a field in
an application and is passed directly to a DBMS.
An attack typically works by prematurely terminating a text string and
appending a new command. Because the inserted command may have additional
strings appended to it before it is executed, SQLI attack strings generally end
with a comment marker, `--`.
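
The mechanism described above, shown as an added example that is not part of the original wiki page: the same field value is run through a query built by string concatenation and through a parameterized query. The `users` table, the function names, the sample rows and the use of SQLite as the DBMS are assumptions made for illustration, and the input appends a condition rather than a second statement.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (name TEXT, role TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("alice", "admin"), ("bob", "user")])
    return db


def lookup_concat(db, name):
    """Vulnerable: the field value is pasted into the SQL text itself."""
    sql = ("SELECT name FROM users WHERE name = '" + name
           + "' AND role = 'user'")
    return sql, [row[0] for row in db.execute(sql)]


def lookup_param(db, name):
    """Hardened: the value is bound as data and never parsed as SQL."""
    sql = "SELECT name FROM users WHERE name = ? AND role = 'user'"
    return sql, [row[0] for row in db.execute(sql, (name,))]


# Constructed field value: the quote ends the string early, the OR clause is
# the appended SQL, and `--` comments out what the application adds after it.
FIELD = "x' OR 1=1 --"

if __name__ == "__main__":
    db = make_db()
    for label, fn in (("concat", lookup_concat), ("param", lookup_param)):
        sql, rows = fn(db, FIELD)
        print(label, "|", sql, "|", rows)
```

In the concatenated query the trailing `' AND role = 'user'` ends up behind the comment marker, so the role filter is never evaluated; the bound query treats the whole field value as a name that matches nothing.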
2022-02-28 21:15:01 +00:00
== Also see ==
Also see [[sql]]