author | Noah Loomans <noahloomans@gmail.com> | 2017-05-10 15:31:30 +0200 |
---|---|---|
committer | Noah Loomans <noahloomans@gmail.com> | 2017-05-10 15:31:30 +0200 |
commit | 212124e022e68f8c03bfe24bdf08787404126c8c (patch) | |
tree | 6bd4f47b881236ee9bfc5a09aa5d746ea7aa9b19 /slides/xss/index.html | |
parent | 6cbf4d867d840014fbbb646e04002395fcec1fb0 (diff) |
Add ICT in de Wolken presentation
Diffstat (limited to 'slides/xss/index.html')
-rw-r--r-- | slides/xss/index.html | 79 |
1 files changed, 79 insertions, 0 deletions
diff --git a/slides/xss/index.html b/slides/xss/index.html
new file mode 100644
index 0000000..2e43568
--- /dev/null
+++ b/slides/xss/index.html
@@ -0,0 +1,79 @@
+---
+layout: slides
+title: Security
+scripts: [ ./script.js ]
+styles: [ ../reveal.js/theme/blood.css, ../reveal.js/zenburn.css, ./style.css ]
+---
+<div class="reveal">
+ <div class="slides">
+ <section>
+ <h1>XSS Injections</h1>
+ <div class="profile">
+ <img src="/assets/face.jpg" alt="Noah Loomans">
+ <div class="info">
+ <div class="name">Noah Loomans</div>
+ <div class="pgp-key">67B0 295A C271 345D 0706 4B9B 8B23 75F3 B367 DF6D</div>
+ </div>
+ </div>
+ </section>
+ <section>
+ <h2>Cross Site Scripting</h2>
+ </section>
+ <section>
+ <h2>Sample Code</h2>
+ <pre><code class="hljs" data-trim contenteditable>
+<?php
+
+$sql = "SELECT comment FROM comments";
+$result = $conn->query($sql);
+
+// output data of each row
+while($row = $result->fetch_assoc()) {
+ echo $row["comment"] . "<br>";
+}
+
+?>
+ </code></pre>
+ </section>
+ <section>
+ <h2>What if I enter <code><b>hello</b></code>?</h2>
+ </section>
+ <section>
+ <pre><code class="hljs html" data-trim data-noescape contenteditable>
+<p class="comments">
+<span class="fragment">This sucks<br></span>
+<span class="fragment">First!<br></span>
+<span class="fragment"><mark><b>hello.</b><br></mark></span>
+</p>̿
+ </code></pre>
+ </section>
+ <section data-background-image="https://keybase.io/images/blog/zcash/evil.png">
+ <h1><code><script></code></h1>
+ </section>
+ <section>
+ <h2>Sample Code</h2>
+ <pre><code class="hljs" data-trim data-noescape contenteditable>
+<?php
+
+$sql = "SELECT comment FROM comments";
+$result = $conn->query($sql);
+
+// output data of each row
+while($row = $result->fetch_assoc()) {
+ echo <span class="fragment" data-fragment-index="2"><mark>htmlspecialchars(</mark></span>$row["comment"]<span class="fragment" data-fragment-index="2"><mark>);</mark></span> . 
"<br>";
+}
+
+?>
+ </code></pre>
+ <p class="fragment" data-fragment-index="1">
+ Source: <a href="https://www.w3schools.com/php/php_mysql_select.asp">w3schools</a>
+ </p>
+ </section>
+ <section>
+ <h1><code class="hljs"><</code> -> <code class="hljs">&lt;</code></h1>
+ </section>
+ <section>
+ https://hack-challange-nloomans.c9users.io/
+ </section>
+ </div>
+</div> |
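Review bot: In the second "Sample Code" slide the closing highlight is `<mark>);</mark>`, so once both fragments are revealed the line reads `echo htmlspecialchars($row["comment"]); . "<br>";`, which is not valid PHP. The closing fragment should be `<mark>)</mark>` so the statement still ends at `. "<br>";`. Because this is the line the audience is likely to copy, consider showing the explicit form `htmlspecialchars($row["comment"], ENT_QUOTES, 'UTF-8')`: before PHP 8.1 the default flags leave single quotes unescaped, which is enough for element content as shown here but not for a single-quoted attribute value. An HTML comment above that `<pre>` such as `<!-- escaping shown is for HTML element content; attribute, JS and URL contexts need their own encoding -->` would keep that limit visible to the next editor of the deck.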