10. HyperText Transfer Protocol (HTTP) GET /index.html HTTP/1.1 Host: www.example.com HTTP/1.1 200 OK Date: Mon, 23 April 2007 22:38:34 GMT Server: Apache/1.3.27 (Unix) (Red-Hat/Linux) Last-Modified: Wed, 08 Jan 2003 23:11:55 GMT Etag: "3f80f-1b6-3e1cb03b" Accept-Ranges: bytes Content-Length: 438 Connection: close Content-Type: text/html; charset=UTF-8
11.
12.
13.
14.
15.
16.
17.
18.
19.
20.
21.
22.
23.
24.
25.
26.
27.
28.
29.
30.
31.
32. Injection Demo SQL Injection: Almost every IST student’s web application is vulnerable https://my.3c.ist.psu.edu/jeb5010/customer.php?Name ='%20OR%201=1-- Remote Code Execution: http://scripts.cac.psu.edu/pxn126/finger.cgi