error-based2

05. SQL Injection (MySQL, Oracle, MSSQL, ...)
Vulnerability overview: a vulnerability in which SQL query statements are inserted into parameter values exchanged between the DB server and the client, allowing information in that DB to be read or manipulated.
Judgment criteria: SQL query input validation is insufficient, so information can be obtained by exchanging queries/responses with the server.
Types (Error-Based, Union-Based, Blind-Based, Stored Procedure Based, ...)
> Error-Based SQL Injection: an error is deliberately triggered, the error information is inspected, and DB information can be obtained from it.
> Union-Based SQL Injection: an additional query is appended to the original request's SQL statement to obtain DB information (the column names may differ from the original SELECT statement, but if the number of columns differs an error occurs)..
2024. 4. 11.
[Dreamhack] Level1: error based sql injection
🛎️ Access Simple Error Based SQL Injection ! 👾 Exploit Algorithm & Payload
> app.py
import os
from flask import Flask, request
from flask_mysqldb import MySQL
app = Flask(__name__)
app.config['MYSQL_HOST'] = os.environ.get('MYSQL_HOST', 'localhost')
app.config['MYSQL_USER'] = os.environ.get('MYSQL_USER', 'user')
app.config['MYSQL_PASSWORD'] = os.environ.get('MYSQL_PASSWORD', 'pass')
app.conf..
2024. 1. 26.
๋ฐ˜์‘ํ˜•