hohn/codeql-dataflow-sql-injection
1
0
Fork 0
mirror of https://github.com/hohn/codeql-dataflow-sql-injection.git synced 2025-12-16 10:13:04 +01:00
Code Issues Packages Projects Releases Wiki Activity
6 Commits 2 Branches 2 Tags
60f1f09c605d77b3630f3efa9908c64a85810c92
Go to file
Clone
Open with VS Code Open with VSCodium Open with Intellij IDEA
Download ZIP Download TAR.GZ Download BUNDLE
Michael Hohn 60f1f09c60 Switch to using iterm and keynote instead of svg/rtf
2020-06-30 15:12:39 -07:00
add-user.c
Add simple logging
2020-06-29 17:25:19 -07:00
add-user.sh
Initial sql injection sample in C using sqlite
2020-06-29 15:29:45 -07:00
admin
Initial sql injection sample in C using sqlite
2020-06-29 15:29:45 -07:00
build.sh
Add simple logging
2020-06-29 17:25:19 -07:00
dataflow.key
Add data flow for other functions
2020-06-30 15:10:41 -07:00
README.org
Add simple logging
2020-06-29 17:25:19 -07:00

README.org

SQL injection example

Setup and sample run 

  ./build.sh

  ./admin create-db
  ./admin show-db

  # Add regular user interactively
  ./add-user 2>> users.log
  ./admin show-db

  # Regular user
  echo "sample user" | ./add-user 2>> users.log
  ./admin show-db

  # Johnny Droptable
  echo "Johnny'); DROP TABLE users; -- " | ./add-user 2>> users.log

  ./admin show-db
Description
sql injection sample in C using sqlite
Readme 4.2 MiB
Languages
Shell 44.1%
C 30.9%
CodeQL 25%