Questions about this topic? Sign up to ask in the talk tab.
Difference between revisions of "Payload"
From NetSec
(Created page with "A '''payload''' is a piece of code or data that will cause arbitrary actions on part of the vulnerable application. * An XSS payload is written in spec...") |
|||
| Line 2: | Line 2: | ||
| − | * An [[XSS]] payload is written in specially-crafted [[HTML]] or [[JavaScript]]. | + | * An [[XSS]] payload is written in specially-crafted [[HTML]] or [[JavaScript]]. |
| − | * A [[SQL injection]] payload is usually written in specially-crafted [[SQL]] statements. | + | :(Compatibility limited by browser) |
| − | * A [[buffer overflow]] payload is typically specially-crafted [[machine code]] otherwise known as [[shellcode]] | + | * A [[SQL injection]] payload is usually written in specially-crafted [[SQL]] statements. |
| + | :(Compatibility limited by SQL server version) | ||
| + | * A [[buffer overflow]] payload is typically specially-crafted [[machine code]], otherwise known as [[shellcode]]. | ||
| + | :(Compatibility limited by processor architecture) | ||
Revision as of 17:08, 28 August 2012
A payload is a piece of code or data that will cause arbitrary actions on part of the vulnerable application.
- An XSS payload is written in specially-crafted HTML or JavaScript.
- (Compatibility limited by browser)
- A SQL injection payload is usually written in specially-crafted SQL statements.
- (Compatibility limited by SQL server version)
- A buffer overflow payload is typically specially-crafted machine code, otherwise known as shellcode.
- (Compatibility limited by processor architecture)
