Web applications attacks/Data purification
Description
INCOMPLETE SECTION OR ARTICLE
This section/article is being written and is therefore not complete.
Thank you for your understanding.
Example
- The WebGoat lesson "Dangerous use of eval" teaches you how to change the initial effect of the eval function (it initially transforms a string into a number) so that it displays the session cookie content.
Protection
- Purify the data you receive from the client (also applies to SQL statements) with specific filters:
  - Escape characters
  - HTML Purifier
  - ...
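
The two ideas above, applied to the string-to-number case from the example, as an added sketch that is not code from WebGoat or from this page: the client value is converted with a strict allowlist instead of eval, and characters are escaped before anything is reflected into HTML. The names `parseQuantity`, `escapeHtml` and `renderQuantity`, the 6-digit limit and the sample inputs are assumptions made for illustration.

```javascript
// Added example: function names, limits and inputs are constructed.

// Characters that are significant in HTML and their entity forms.
const HTML_ENTITIES = {
  "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;",
};

// "Escape characters": neutralise markup before reflecting client data.
function escapeHtml(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ENTITIES[ch]);
}

// Convert a client-supplied string to a number WITHOUT eval().
// Only 1 to 6 decimal digits are accepted; everything else is rejected,
// so no part of the input is ever interpreted as code.
function parseQuantity(raw) {
  if (typeof raw !== "string") return null;
  const trimmed = raw.trim();
  if (!/^\d{1,6}$/.test(trimmed)) return null;
  return Number.parseInt(trimmed, 10);
}

// Build the HTML fragment sent back to the browser.
// Valid input is emitted as a number; invalid input is echoed only
// after escaping, so it is displayed as text and not parsed as markup.
function renderQuantity(raw) {
  const qty = parseQuantity(raw);
  if (qty === null) {
    return "<p>Invalid quantity: " + escapeHtml(raw) + "</p>";
  }
  return "<p>Quantity: " + qty + "</p>";
}

// Constructed sample inputs: one valid, two rejected.
for (const sample of ["42", "4+2", "<i>x</i>"]) {
  console.log(JSON.stringify(sample), "->", renderQuantity(sample));
}
```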