How does a ping/time delay command exploit or retrieve data from the database? In which scenario it is used? if a ping/time delay command is executed, how does it help an attacker?
Hi sir, i have a doubt.. The command injuction occurs when the program doesn't perform proper input validation, but how could it be possible, we will get a perfect output only if we have a perfect input 🧐but how 🤔.
Proper input validation is so of u use something such as ; & $ # + ' " etc u could then add on a system command returning the perfect response of the command
I really love that there is no music in the background, this helps more to concentrate on the video.
THANK YOU! I was very stuck on a problem on a ctf for a class I'm in and this saved me.
Nicely explained straight to the point does help to find this vulnerability.
great video, thanks guys!
idk why you act like you're being held at gunpoint but thanks
Presuming the topic is serious or he has public speaking issues.
Thank you!
How does a ping/time delay command exploit or retrieve data from the database? In which scenario it is used? if a ping/time delay command is executed, how does it help an attacker?
it just tells to you that the attack was successfull and you can mount different attacks afterwards
Great intro info
Hi sir, i have a doubt.. The command injuction occurs when the program doesn't perform proper input validation, but how could it be possible, we will get a perfect output only if we have a perfect input 🧐but how 🤔.
because with injection you run also the correct input, but instead of running just the input, you run other command using the separator ;
That is not the same thing
Proper input validation is so of u use something such as ; & $ # + ' " etc u could then add on a system command returning the perfect response of the command
Yea same as what guy before me said
THANK YOUUUUUU
Thanks.
thanks