Taint Mode in Perl
Aus Markus' Wiki
Version vom 9. Juli 2012, 08:13 Uhr von Markus (Diskussion | Beiträge)
Code Injection:
#!/usr/bin/perl my $name = $cgi->param("name"); # Get the name from the browser ... $dbh->TaintIn = 1; $dbh->execute("SELECT * FROM users WHERE name = '$name';"); # Execute a SQL query
Good Links: