From ee0bd3f7716546f679bd390d7b681fedf949b2fb Mon Sep 17 00:00:00 2001
From: Marcin Zelent
Date: Wed, 30 May 2018 18:27:51 +0200
Subject: Added buffer overflow example
---
xss/comments.db | Bin 8192 -> 0 bytes
xss/index.php | 36 ------------------------------------
2 files changed, 36 deletions(-)
delete mode 100644 xss/comments.db
delete mode 100644 xss/index.php
(limited to 'xss')
diff --git a/xss/comments.db b/xss/comments.db
deleted file mode 100644
index 32114c2..0000000
Binary files a/xss/comments.db and /dev/null differ
diff --git a/xss/index.php b/xss/index.php
deleted file mode 100644
index e645517..0000000
--- a/xss/index.php
+++ /dev/null
@@ -1,36 +0,0 @@
-open('comments.db');
- }
- }
-
- if (isset($_POST['user'], $_POST['comment'])) {
- $user = $_POST['user'];
- $comment = $_POST['comment'];
-
- $db = new MyDB();
-
- $sql = 'INSERT INTO Comments VALUES(\'' . $user . '\',\'' . $comment . '\')';
- $ret = $db->exec($sql);
- $db->close();
- }
-
- echo 'Comments' .
- '

Comments

';
-
- $db = new MyDB();
-
- $sql = 'SELECT * FROM Comments';
- $ret = $db->query($sql);
- while ($row = $ret->fetchArray(SQLITE3_ASSOC))
- echo '

' . $row['user'] . ' says:
' . $row['comment'] . '

';
-
- $db->close();
-
- echo '

Add comment

' .
- '
' .
- '
' .
- '
' .
- '
';
-?>
-- cgit v1.2.3