Avoid "OR 1=1" in SQL Injections
Рет қаралды 27,219
Күн бұрын
@meh.7539 11 ай бұрын
More of this kind of nuanced, 'teach a person how to ... safely" sort of content, please. Excellent stuff. Thank you.
@ksboi29 11 ай бұрын
Amazing! I was throwing 1 = 1 like noones business!
@UsamaAli-kr2cw 11 ай бұрын
Tibirius never disappoints his viewers. Wonderful insights as always keep it up❤❤❤❤❤
@Tib3rius 10 ай бұрын
Thanks for the kind words!
@GamesOfficialYouTube 10 ай бұрын
@@Tib3rius😂
@shinris3n 11 ай бұрын
I "Learned My Lesson" a few months ago thanks to your box on THM 😅
@EliteBuildingCompany 11 ай бұрын
Me too lol, pretty fun.
@TCMSecurityAcademy 11 ай бұрын
Rock on!
@Saur3n 11 ай бұрын
Name of the lab?
@shinris3n 11 ай бұрын
@@Saur3n "Lesson Learned"
@dami-vx2215 11 ай бұрын
thanks for this
@brandonbowman6043 11 ай бұрын
Thanks for making this easy to understand. I was hoping for a little more "angry Tibs," but I was happy with the result.
@lowbudgetsinger8333 Ай бұрын
very significant knowledge. thank you very much
@M.W.777 11 ай бұрын
Thanks Man!!
@medhamid8003 11 ай бұрын
Limit 1
@GamesOfficialYouTube 10 ай бұрын
Great video
@PhantomWorksStudios 11 ай бұрын
Cant this be negated by using the functions that will escape special chars?? And cant we make our own function if it comes down to it to sterlize " and ' into html hex counterparts from the ascii table?
@Tib3rius 11 ай бұрын
Are you talking about ways to mitigate SQL injection itself? If so, prepared statements are the recommended way to go rather than manually escaping / sanitizing characters.
@ChristopherMadison 11 ай бұрын
Aren't nearly all injection vulnerabilities countered by using parameterized queries? Hasn't that been the standard for many years now? I'm curious how often you've successfully employed SQL injection in production environments recently.
@Tib3rius 11 ай бұрын
Developers still have to actively use parameterized queries in order for them to work. Just being a standard isn't enough (something something...nobody follows standards). In other cases, even if developers are using parameterized queries in recent code, if the application is using legacy code, SQL injections may still exist there. I found over 100 SQL injections in 2023 alone.
@alexgreen1767 9 ай бұрын
Haha, what a rebuttal. Sudo apt install return burn.
@iq_rasco 11 ай бұрын
name of labs ?
@Bacsbox 11 ай бұрын
🎉
@itzpo1ska245 11 ай бұрын
Im trying, really😂😅
@Rocks_roxks9 11 ай бұрын
😂😂😂😂
@proxynet6520 11 ай бұрын
Does it work in real world?
@evanottinger1672 11 ай бұрын
TLDR: yeah
@Rocks_roxks9 11 ай бұрын
Great 🤩🤩
@TCMSecurityAcademy 11 ай бұрын
Thanks 🤗
@rumanhasan27 11 ай бұрын
1st
CTVBY
Рет қаралды 6 МЛН
Comedy Club
Рет қаралды 7 МЛН