Download the example code files
You can download the example code files for this book from GitHub at https://github.com/PacktPublishing/Attacking-and-Exploiting-Modern-Web-Applications. If there’s an update to the code, it will be updated in the GitHub repository.
We also have other code bundles from our rich catalog of books and videos available at https://github.com/PacktPublishing/. Check them out!
Conventions used
There are a number of text conventions used throughout this book.
Code in text: Indicates code words in text, database table names, folder names, filenames, file extensions, pathnames, dummy URLs, user input, and Twitter handles. Here is an example: “We found two headers containing the specific PHP (X-Powered-By) and Apache (Server) versions.”
A block of code is set as follows:
SELECT id, wpid, room, timestamp, UNIX_TIMESTAMP(timestamp) AS unix_timestamp, alias, status, message FROM $Shoutbox_messages_table_name.' WHERE room IN ("'.$rooms.'") AND timestamp > FROM_UNIXTIME('.esc_sql($_POST['last_timestamp']).') ORDER BY unix_timestamp ASC
When we wish to draw your attention to a particular part of a code block, the relevant lines or items are set in bold:
function esc_sql( $data ) {
    global $wpdb;
    return $wpdb->_escape( $data );
}
Any command-line input or output is written as follows:
$ curl -kis http://localhost | grep generator
<meta name="generator" content="WordPress 6.1.1" />
Bold: Indicates a new term, an important word, or words that you see on screen. For instance, words in menus or dialog boxes appear in bold. Here is an example: “Select and right-click on that image from the menu, and click Inspect to see precisely the resulting code.”
Tips or important notes
Appear like this.