7bb2c087a0
git-svn-id: http://webgoat.googlecode.com/svn/trunk@174 4033779f-a91e-0410-96ef-6bf7bf53c507
17 lines
661 B
HTML
Executable File
17 lines
661 B
HTML
Executable File
<div align="Center">
|
|
<p><b>Lesson Plan Title:</b> How to Perform SQL Injection</p>
|
|
</div>
|
|
<p><b>Concept / Topic To Teach:</b></p>
|
|
<!-- Start Instructions -->
|
|
It is always a good practice to scrub all inputs, especially those
|
|
inputs that will later be used as parameters to OS commands, scripts,
|
|
and database queries. Users should not be able to alter the intent of
|
|
commands that are executed on the server, in many cases as a privileged user.
|
|
<!-- Stop Instructions -->
|
|
<p><b>General Goal(s):</b></p>
|
|
For this exercise, you will perform a SQL Injection attack.
|
|
You will also implement code changes in the database to defeat
|
|
these attacks.
|
|
<br>
|
|
|