文件名称:Web Security.pdf
文件大小:47.45MB
文件格式:PDF
更新时间:2022-10-13 19:30:05
web security
Web attack techniques can be divided into several stages. In the Web 1.0 era, people were more concerned about server-side dynamic scripting security issues, such as an executable script (commonly known as web shell) uploaded to the server to obtain permission. The popularity of dynamic scripting languages and insufficient cognition of web technologies on security issues in the early stages caused a lot of issues, such as the PHP language still having to rely on good code specifications to ensure that no file contains a loophole, but not on the language itself to prevent the occurrence of such security issues. SQL injection is a milestone in the history of web security; it first appeared in about 1999 and quickly became a major threat to web security. Programmers worked hard to amend the loopholes in the system and to contain the attacks, as otherwise hackers can access important and sensitive data through SQL injection attacks and can even access the system through the database. SQL injection attack is as effective, if not better, than a direct attack, which makes it popular with hackers. Vulnerability to SQL injection attacks is therefore still an important concern in the web security field.