What about Web Security?
Do you think you can tackle simple CTFs with your current knowledge?
No? What a shame! :-(
But don’t worry, we’ve got what you need. This is the first class offered by ZenHack: Web Security, Part 1.
Andrea Valenza (avalz), our web expert, introduced our students to a dangerous family of attacks, named SQL Injection. What’s a SQL Injection, after all?
Imagine you have this SQL Command in a PHP script:
$con->query("SELECT * FROM users WHERE username='$user' AND password='$pass'”);
Of course, $user
and $pass
are parameters directly passed to the query.
Well…. what about $user
= LOL' -- -
?
SELECT * FROM users WHERE username='LOL' -- -' AND password='anything'
--
is the comment syntax in SQL, so I need another char after the blank to trigger this trick (and avoid trimming).
Le jeux sont fait. This query returns every user stored on the DB.
Isn’t it so cute?
avalz also created a Virtual Machine (cyber-gym) which contains different exploitable web scripts. You can use them to practice aspects of Web Security. That was the core of the first class; you can find the related slides here!
Next one will cover Android Security!
666c61677b696e6965747469616d6f5f636f6d655f695f70617a7a697d
:-D