Web Security

SQLab 2023
Author: Sean 韋詠祥

Slide: https://hackmd.io/@Sean64/sec-sqlab2023

Web Security SQLab 2023 Author: Sean 韋詠祥 Slide: https://hackmd.io/@Sean64/sec-sqlab2023 日期：2023-06-07（三）課程時間：10:30 - 12:00 10:30 開場 10:35 filter 10:40 Lab: My Blog 10:50 x-fwd 10:55 Lab: Cloud Drive 11:05 off-by-slash 11:10 Lab: Dynamic Pricing 11:20 Lab Demo 11:25 XXE 11:30 Lab: Import Blog Post 11:35 SSTI 11:45 Lab: WIP 11:55 PP 12:00 Lunch

Web Security

Slide: https://hackmd.io/@Sean64/sec-sqlab2023

About Me

Outline

`php://filter`

What is `php://` wrapper

Parameters of `php://filter`

Example

Lab: My Blog

X-Forwarded-For

StackOverflow?

And ChatGPT

What are those variables

Lab: Cloud Drive

CF-Connecting-IP

NginX

Recap: Path Traversal

NginX Config

Off-by-slash

Lab: Dynamic Pricing

XXE

XML Syntax

XML Custom Entity

XML External Entity

Lab: Import Blog Post

Template Injection

Slide

Lab: WIP

Prototype Pollution

Reference

Q&A

這份投影片以創用 CC - 姓名標示授權公眾使用，原始碼及講稿請見此連結。