Questions about this topic? Sign up to ask in the talk tab.

Difference between revisions of "Payload"

From NetSec
Jump to: navigation, search
(Created page with "A '''payload''' is a piece of code or data that will cause arbitrary actions on part of the vulnerable application. * An XSS payload is written in spec...")
 
Line 2: Line 2:
  
  
* An [[XSS]] payload is written in specially-crafted [[HTML]] or [[JavaScript]].
+
* An [[XSS]] payload is written in specially-crafted [[HTML]] or [[JavaScript]].                                  
* A [[SQL injection]] payload is usually written in specially-crafted [[SQL]] statements.
+
:(Compatibility limited by browser)
* A [[buffer overflow]] payload is typically specially-crafted [[machine code]] otherwise known as [[shellcode]]
+
* A [[SQL injection]] payload is usually written in specially-crafted [[SQL]] statements.  
 +
:(Compatibility limited by SQL server version)
 +
* A [[buffer overflow]] payload is typically specially-crafted [[machine code]], otherwise known as [[shellcode]].
 +
:(Compatibility limited by processor architecture)

Revision as of 16:08, 28 August 2012

A payload is a piece of code or data that will cause arbitrary actions on part of the vulnerable application.


(Compatibility limited by browser)
  • A SQL injection payload is usually written in specially-crafted SQL statements.
(Compatibility limited by SQL server version)
(Compatibility limited by processor architecture)