@ -73,7 +73,7 @@ We know compilation is involved in all 3 languages we are discussing. Just that
Those bytecodes are language specific. Python has its own set of bytecode defined (more in `dis` module) and so does java. So naturally, your operating system will not know how to run it. To run this bytecode, we have something called Virtual Machines. Ie: The JVM or the Python VM (CPython, Jython). These so called Virtual Machines are the programs which can read the bytecode and run it on a given operating system. Python has multiple VMs available. Cpython is a python VM implemented in C language, similarly Jython is a Java implementation of python VM. **At the end of the day, what they should be capable of is to understand python language syntax, be able to compile it to bytecode and be able to run that bytecode.** You can implement a python VM in any language! (And people do so, just because it can be done)
- Applications regularly fail to process transactions for many reasons. How they fail can determine if an application is secure or not.
```java
```
is_admin = true;
try {
@ -113,7 +113,7 @@
- Ciphers are the cornerstone of cryptography. A cipher is a set of algorithms that performs encryption or decryption on a message. An encryption algorithm (E) takes a secret key (k) and a message (m) and produces a ciphertext (c). Similarly, a Decryption algorithm (D) takes a secret key (K) and the previous resulting Ciphertext (C). They are represented as follows:
```text
```
E(k,m) = c
D(k,c) = m
@ -122,7 +122,7 @@ D(k,c) = m
- This also means that for it to be a cipher, it must satisfy the consistency equation as follows, making it possible to decrypt.
@ -142,7 +142,7 @@ Let us see how we keep a check on the perimeter i.e the edges, the first layer o
- Nmap is often used to determine alive hosts in a network, open ports on those hosts, services running on those open ports, and version identification of that service on that port.
- More at http://scanme.nmap.org/
```bash
```
nmap [scan type] [options] [target specification]
```
@ -417,7 +417,7 @@ TCP Flags
- Abuse of the normal operation or settings of these flags can be used by attackers to launch DoS attacks. This causes network servers or web servers to crash or hang.
- A successful exploit will allow attackers to access, modify, or delete information in the database.
- It permits attackers to steal sensitive information stored within the backend databases of affected websites, which may include such things as user credentials, email addresses, personal information, and credit card numbers
```sql
```
SELECT USERNAME,PASSWORD from USERS where USERNAME='<username>' AND PASSWORD='<password>';
Here the username & password is the input provided by the user. Suppose an attacker gives the input as " OR '1'='1'" in both fields. Therefore the SQL query will look like: