hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 18:23:05 +01:00
Code Issues Packages Projects Releases Wiki Activity

'Running the program' sequence added to slides

Browse Source
This commit is contained in:
Michael Hohn
2020-07-16 17:43:43 -07:00
committed by =Michael Hohn
parent 90a3bee380
commit b241632815
3 changed files with 12 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

10
README.org
View File

@@ -6,26 +6,32 @@
\033[32m---- SQL injection demo ----\[\033[33m\033[0m\]
$?:$ '
# Build
./build.sh
# Prepare db
./admin rm-db
./admin create-db
./admin show-db
# Add regular user interactively
./add-user 2>> users.log
First User
# Check
./admin show-db
# Regular user via "external" process
echo "sample user" | ./add-user 2>> users.log
echo "User Outside" | ./add-user 2>> users.log
./admin show-db
# Add Johnny Droptable
./add-user 2>> users.log
Johnny'); DROP TABLE users; --
# And the problem:
./admin show-db