Update for 28-02-22 16:00

2022-02-28 16:00:01 -05:00 · 2022-02-28 16:00:01 -05:00 · 5650ddb8ac
commit 5650ddb8ac
parent 9630135b9f
3 changed files with 11 additions and 1 deletions
--- a/tech/databases.wiki
+++ b/tech/databases.wiki
@ -6,7 +6,6 @@ network, with caching and other optimizations.
 == Database Design Principle ==


-
 == SQL ==

 See [[../lang/sql]]
--- a/tech/security.wiki
+++ b/tech/security.wiki
@ -53,6 +53,8 @@ Hiding information
 Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
 is the ip address of a device inside of the target network

+* [[sqli]]
+



--- a/tech/sqli.wiki
+++ b/tech/sqli.wiki
@ -0,0 +1,9 @@
+= SQLI =
+
+SQLI or SQL injection is a type of attack where sql is placed into a field in
+an application, as is directly passed to a DBMS.
+
+An attack typically works by prematurely terminating a text string and
+appending a new command. Because the inserted command may have additional
+strings appended to it before it is executed, SQLI attack string generally end
+with a comment or `--`.