From 41f3be1bd350afd857675ce4da4ab3685d01c799 Mon Sep 17 00:00:00 2001 From: Miroslav Stampar Date: Mon, 30 Sep 2013 23:30:06 -0700 Subject: [PATCH] Update of link for OWASP TOP 10 --- Introduction.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/Introduction.md b/Introduction.md index 0a08615..1e6e6f7 100644 --- a/Introduction.md +++ b/Introduction.md @@ -19,7 +19,7 @@ is the same page as the original one and (the condition evaluates to **True**): differs from the original one (the condition evaluates to **False**). This likely means that you are in front of a SQL injection vulnerability in the `id` `GET` parameter of the `index.php` page. Additionally, no sanitisation of user's supplied input is taking place before the SQL statement is sent to the back-end database management system. -This is quite a common flaw in dynamic content web applications and it does not depend upon the back-end database management system nor on the web application programming language; it is a flaw within the application code. The [Open Web Application Security Project](http://www.owasp.org) rated this class of vulnerability as the [most common](http://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202010.pdf) and serious web application vulnerability in their [Top Ten](http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) list from 2010. +This is quite a common flaw in dynamic content web applications and it does not depend upon the back-end database management system nor on the web application programming language; it is a flaw within the application code. The [Open Web Application Security Project](http://www.owasp.org) rated this class of vulnerability as the [most common](https://owasptop10.googlecode.com/files/OWASP%20Top%2010%20-%202013.pdf) and serious web application vulnerability in their [Top Ten](http://www.owasp.org/index.php/Category:OWASP_Top_Ten_Project) list from 2010. Now that you have found the vulnerable parameter, you can exploit it by manipulating the `id` parameter value in the HTTP request. @@ -45,4 +45,4 @@ There exist many [resources](http://delicious.com/inquis/sqlinjection) on the we ## Direct connection to the database management system Up until sqlmap version **0.8**, the tool has been **yet another SQL injection tool**, used by web application penetration testers/newbies/curious teens/computer addicted/punks and so on. Things move on and as they evolve, we do as well. Now it supports this new switch, `-d`, that allows you to connect from your machine to the database server's TCP port where the database management system daemon is listening -on and perform any operation you would do while using it to attack a database via a SQL injection vulnerability. +on and perform any operation you would do while using it to attack a database via a SQL injection vulnerability. \ No newline at end of file