1
00:00:04,480 --> 00:00:05,380
Hello, everyone.

2
00:00:05,410 --> 00:00:06,550
Welcome to my course.

3
00:00:07,120 --> 00:00:07,910
In this lecture,

4
00:00:07,950 --> 00:00:12,730
you will learn about injecting unintended XML.

5
00:00:14,090 --> 00:00:23,550
Whenever we pen test an application and we see that the application functionality has XML

6
00:00:24,450 --> 00:00:25,620
parsing in the

7
00:00:26,630 --> 00:00:27,280
back end,

8
00:00:27,650 --> 00:00:32,540
we try to pen test the app for XML injection issues.

9
00:00:33,170 --> 00:00:43,670
Usually we will then examine the parser to see whether the grant application's XML document is properly

10
00:00:43,670 --> 00:00:45,230
formatted or not.

11
00:00:45,890 --> 00:00:49,250
We also validate the XML documents

12
00:00:49,700 --> 00:00:56,660
with the XML parser before penetration testing in the application.

13
00:00:56,740 --> 00:01:01,760
We examine injection issues using a similar parser.

14
00:01:02,260 --> 00:01:03,870
Is it normal prosody?

15
00:01:04,580 --> 00:01:05,630
These are type up.

16
00:01:05,690 --> 00:01:13,370
A simple injection can cause medium to severe kind of damages to the application.

17
00:01:13,970 --> 00:01:18,710
It can alter the intended logic of the application.

18
00:01:19,570 --> 00:01:26,920
That is the reason why we call it unintended XML injection.

19
00:01:28,670 --> 00:01:37,940
As a pen tester, when you examine a web application, you put it to the test to insert XML

20
00:01:39,150 --> 00:01:45,480
metacharacters to modify the structure of the resulting XML.

21
00:01:47,550 --> 00:01:59,580
What is XML? XML is a software- and hardware-independent language for storing and transporting

22
00:01:59,580 --> 00:02:00,150
data.

23
00:02:02,080 --> 00:02:13,340
Second, XML stands for Extensible Markup Language and is similar to HTML in turn.

24
00:02:14,390 --> 00:02:18,560
XML was designed to be self-descriptive.

25
00:02:19,760 --> 00:02:25,220
So you can design the structure according to your necessity.

26
00:02:26,330 --> 00:02:37,790
Finally, you need to define both the tags and the document structure in a way that is meaningful.

27
00:02:38,330 --> 00:02:49,610
As you all design a database table and field, because you will find that XML is similar to a

28
00:02:49,730 --> 00:02:50,540
database.

29
00:02:52,990 --> 00:03:00,250
The next big question is why we need XML instead of using a database.

30
00:03:00,730 --> 00:03:04,190
Why should we use an XML document?

31
00:03:05,050 --> 00:03:14,200
The biggest advantage of XML is that it is software and hardware independent.

32
00:03:15,120 --> 00:03:20,660
And an XML document stores data in

33
00:03:21,960 --> 00:03:31,060
plain text. That makes things much easier; therefore, it simplifies

34
00:03:31,080 --> 00:03:36,190
the process of storing and transporting data.

35
00:03:37,560 --> 00:03:42,710
Let us see an example of XML data.

36
00:03:43,560 --> 00:03:45,770
This is the example.

37
00:03:47,400 --> 00:03:53,390
Here, angle-bracket email is an element. Inside the

38
00:03:54,440 --> 00:04:03,160
angle-bracket email element, we have more elements such as to, from,

39
00:04:03,370 --> 00:04:09,970
and message. You can add as many elements as you wish.

40
00:04:12,190 --> 00:04:20,040
It is similar to a table in a database. Here you created a table called email.

41
00:04:20,780 --> 00:04:27,490
Inside the email table you have fields called to and so on.

42
00:04:28,030 --> 00:04:32,740
Of course, you can write the theme while energy is on.

43
00:04:34,010 --> 00:04:35,690
Like these.

44
00:04:37,940 --> 00:04:42,000
And you did that as a supporter and a storage facility.

45
00:04:42,630 --> 00:04:48,700
JSON is quickly overtaking XML in popularity.

46
00:04:49,270 --> 00:04:53,400
However, still in many web applications

47
00:04:53,760 --> 00:05:03,150
you will find the use of XML because it has been popular for many years.

48
00:05:05,360 --> 00:05:06,310
What is

49
00:05:06,590 --> 00:05:20,740
DTD? A document type definition, or DTD, defines the legal elements and attributes of an XML

50
00:05:20,750 --> 00:05:25,010
document. With a DTD,

51
00:05:25,830 --> 00:05:34,530
developers agree on a standard data structure for storing and transporting data.

52
00:05:35,370 --> 00:05:48,570
Furthermore, an application can verify with the help of DTD that an XML document is properly formatted

53
00:05:49,260 --> 00:05:50,030
or not.

54
00:05:51,000 --> 00:05:58,860
It will also check whether the XML data is defined internally within

55
00:05:58,890 --> 00:06:06,750
an XML document or from an external source like a

56
00:06:08,310 --> 00:06:09,030
URI

57
00:06:09,150 --> 00:06:12,110
or URL.

58
00:06:13,200 --> 00:06:27,730
DTD allows us to define what will be the keywords and entities in an XML document does the XML

59
00:06:27,760 --> 00:06:29,040
parser abilities.

60
00:06:29,520 --> 00:06:36,660
This can be done by injecting new keywords and entities.