Skip to Main Content
Web Penetration Testing with Kali Linux 2.0, Second Edition
book

Web Penetration Testing with Kali Linux 2.0, Second Edition

by Juned Ahmed Ansari
November 2015
Intermediate to advanced content levelIntermediate to advanced
312 pages
7h 18m
English
Packt Publishing
Content preview from Web Penetration Testing with Kali Linux 2.0, Second Edition

Injection-based flaws

Injection occurs when a malicious user is able to modify the query or a command sent to an operating system, database or any interpreter. SQL injection and command injection attacks are the most common ones. Both of these flaws exist due to poor input validation, where the application and the web server both fail to strip the user input of all malicious data before executing it on the server.

Command injection

At times, the web application may require the help of the underlying operating system to complete certain tasks. For example, the application may want to display the contents of a file saved on the server back to the user, and the web application may invoke a call to the shell to retrieve the contents of the file. This ...

Become an O’Reilly member and get unlimited access to this title plus top books and audiobooks from O’Reilly and nearly 200 top publishers, thousands of courses curated by job role, 150+ live events each month,
and much more.
Start your free trial

You might also like

Web Penetration Testing with Kali Linux

Web Penetration Testing with Kali Linux

Joseph Muniz, Aamir Lakhani
Hands-On AWS Penetration Testing with Kali Linux

Hands-On AWS Penetration Testing with Kali Linux

Karl Gilbert Gupta, Benjamin Caudill

Publisher Resources

ISBN: 9781783988525