1
00:00:00,360 --> 00:00:08,250
So, yes, this will be the start of the shellcoding section. In this, we will be looking at the

2
00:00:08,250 --> 00:00:09,480
trial of the shellcode.

3
00:00:10,410 --> 00:00:17,810
So there is no exact definition for the shellcode, but shellcode can be defined as a code that keeps on the

4
00:00:17,820 --> 00:00:19,800
team's mission and uses the river.

5
00:00:22,350 --> 00:00:26,580
This shellcode is the code that is being executed on the machine.

6
00:00:26,940 --> 00:00:31,980
And after discussion, we get the rules and the code need not be the reverse order.

7
00:00:32,280 --> 00:00:34,530
It can be potential character.

8
00:00:35,040 --> 00:00:43,230
But in order to get to, in order to take advantage of the victim's machine, we generally like the reverse

9
00:00:43,800 --> 00:00:44,400
shellcode.

10
00:00:45,210 --> 00:00:51,390
If we have to use Metasploit, it will be probably known about how to create using msfvenom.

11
00:00:53,190 --> 00:00:59,220
You put the host, port and all those options and you will create the either by nature or nurture or

12
00:00:59,250 --> 00:01:01,040
whatever shellcode you need.

13
00:01:01,830 --> 00:01:03,630
So that's how you create using them.

14
00:01:03,680 --> 00:01:07,560
So you just enter the command and you get the shellcode.

15
00:01:08,490 --> 00:01:15,080
And the process of writing the shellcode is, of course, similar to the process of writing, programming

16
00:01:15,090 --> 00:01:18,760
or programming, the same process of writing the record as concertgoer.

17
00:01:20,400 --> 00:01:22,500
Now there are some properties you need to know.

18
00:01:22,610 --> 00:01:30,570
Shellcode should be as aggressive as possible because the positions of the victim's machine might limit

19
00:01:30,570 --> 00:01:31,570
the size of the buffer.

20
00:01:31,590 --> 00:01:37,670
That means you can only pass 400 or 500 words down, plus more than that.

21
00:01:38,010 --> 00:01:42,160
So there will be some limitations when you are doing this type of role for us.

22
00:01:42,630 --> 00:01:49,300
That's why we need to write as you need to shellcode as soon as possible.

23
00:01:50,490 --> 00:01:53,460
Also, shellcode should be free from bad characters.

24
00:01:54,450 --> 00:01:54,760
Okay.

25
00:01:54,840 --> 00:02:01,140
These are not any bad characters in nature, but these are the bad characters for us, for attackers.

26
00:02:01,920 --> 00:02:03,840
Let's see the examples of bad characters.

27
00:02:04,500 --> 00:02:11,240
That is zero zero, which is null byte. Zero zero is, this is called slash n.

28
00:02:11,280 --> 00:02:14,940
That is a new line we have seen in our programming.

29
00:02:16,740 --> 00:02:20,360
And this is the slash r, which is the carriage return.

30
00:02:22,230 --> 00:02:31,440
So why are these bad characters? So in applications, the process, the string that wins user input like

31
00:02:31,440 --> 00:02:34,250
username and password, they're being format, right.

32
00:02:34,710 --> 00:02:41,380
And then if you pass zero zero, this null byte will act as terminator.

33
00:02:41,910 --> 00:02:48,900
That means if you pass 50 characters and then a null byte and then 50 characters, first 50 characters were

34
00:02:48,900 --> 00:02:57,780
taken to the buffer for an application on seeing this, another character, null byte the screen, the application

35
00:02:58,200 --> 00:03:00,150
stops processing the taking.

36
00:03:01,410 --> 00:03:10,350
That means it will take only the first 50 words and the string of traditional will get truncated or

37
00:03:10,350 --> 00:03:14,010
will not be taken as an input by the application.

38
00:03:15,890 --> 00:03:24,650
So in this case, after the break, our string is getting cut off that way, if we include this null byte

39
00:03:24,650 --> 00:03:32,190
in our shellcode, obviously our shellcode will not get executed fully and we do not get any reverse shell.

40
00:03:32,840 --> 00:03:35,330
So this null byte is almost.

41
00:03:36,630 --> 00:03:45,440
You can't Arabic because even every application processes are strings and considers this as an Arabic.

42
00:03:47,170 --> 00:03:57,430
And Giraldi will be used commonly in Web applications using Web servers in the servers when the request

43
00:03:57,430 --> 00:04:00,490
or response is being processed, when the request is processed.

44
00:04:00,520 --> 00:04:07,050
You said that slash HTTP slash 1.1 or 1.0 and then you give the special session.

45
00:04:07,450 --> 00:04:17,560
So by putting this racialization that we will and treats as a single request and after this special

46
00:04:17,560 --> 00:04:22,460
session, the input will not be considered into the application.

47
00:04:23,560 --> 00:04:29,680
So that's why you need to avoid these two characters in web applications.

48
00:04:30,430 --> 00:04:35,610
Also, you need to exclude these characters because this is right.

49
00:04:35,620 --> 00:04:39,780
You know, so bad character and these two are bad characters for Web applications.

50
00:04:40,510 --> 00:04:47,830
So these are the main properties you need to consider when coding their QAQA.