Update for 28-02-22 16:00

This commit is contained in:
Tyler Perkins 2022-02-28 16:00:01 -05:00
parent 9630135b9f
commit 5650ddb8ac
3 changed files with 11 additions and 1 deletions

View File

@ -6,7 +6,6 @@ network, with caching and other optimizations.
== Database Design Principle ==
== SQL ==
See [[../lang/sql]]

View File

@ -53,6 +53,8 @@ Hiding information
Try setting the HTTP `Host` header value to `internal-ip:80` where internal ip
is the ip address of a device inside of the target network
* [[sqli]]

9
tech/sqli.wiki Normal file
View File

@ -0,0 +1,9 @@
= SQLI =
SQLI or SQL injection is a type of attack where sql is placed into a field in
an application, as is directly passed to a DBMS.
An attack typically works by prematurely terminating a text string and
appending a new command. Because the inserted command may have additional
strings appended to it before it is executed, SQLI attack string generally end
with a comment or `--`.