JSP·ÀSQL×¢Èë¹¥»÷
µÚÒ»ÖÖ²ÉÓÃÔ¤±àÒëÓï¾ä¼¯£¬ËüÄÚÖÃÁË´¦ÀíSQL×¢ÈëµÄÄÜÁ¦£¬Ö»ÒªÊ¹ÓÃËüµÄsetString·½·¨´«Öµ¼´¿É£º
String sql= "select * from users where username=? and password=?;
PreparedStatement preState = conn.prepareStatement(sql);
preState.setString(1, userName);
preState.setString(2, password);
ResultSet rs = preState.executeQuery();
...
µÚ¶þÖÖÊDzÉÓÃÕýÔò±í´ïʽ½«°üº¬ÓÐ µ¥ÒýºÅ(')£¬·ÖºÅ(;) ºÍ ×¢ÊÍ·ûºÅ(--)µÄÓï¾ä¸øÌæ»»µôÀ´·ÀÖ¹SQL×¢Èë
Àý1
public static String TransactSQLInjection(String str)
{
return str.replaceAll(".*([';]+|(--)+).*", " ");
}
userName=TransactSQLInjection(userName);
password=TransactSQLInjection(password);
String sql="select * from users where username='"+userName+"' and password='"+password+"' "
Statement sta = conn.createStatement();
ResultSet rs = sta.executeQuery(sql);
...
»òÕßÀý2
ÒªÒýÈëµÄ°ü£º
import java.util.regex.*;
ÕýÔò±í´ïʽ£º
private String CHECKSQL = “^(.+)\\sand\\s(.+)|(.+)\\sor(.+)\\s$”;
ÅжÏÊÇ·ñÆ¥Å䣺
Pattern.matches(CHECKSQL,targerStr);
ÏÂÃæÊǾßÌåµÄÕýÔò±í´ïʽ£º
¼ì²âSQL meta-charactersµÄÕýÔò±í´ïʽ £º
/(\%27)|(\’)|(\-\-)|(\%23)|(#)/ix
ÐÞÕý¼ì²âSQL meta-charactersµÄÕýÔò±í´ïʽ£º/((\%3D)|(=))[^\n]*((\%27)|(\’)|(\-\-)|(\%3B)|(:))/i
µäÐ굀 SQL ×¢Èë¹¥»÷µÄÕýÔò±í´ïʽ£º/\w*((\%27)|(\’))((\%6F)|o|(\%4F))((\%72)|r|(\%52))/ix
¼ì²âSQL×¢È룬UNION²éѯ¹Ø¼ü×ÖµÄÕýÔò±í´ïʽ £º/((\%27)|(\’))union/ix(\%27)|(\’)
¼ì²âMS SQL Server SQL×¢Èë¹¥»÷µÄÕýÔò±í´ïʽ£º
/exec(\s|\+)+(s|x)p\w+/ix
µÈµÈ…..
µÚÈýÖÖÊÇ×Ö·û´®¹ýÂË
Àý1
sql_inj.javaΪһ¸ö¸Ä½øµÄ·À×¢Èëbean£¬±àÒëºó½«classÎļþ·ÅÔÚtomcatµÄclassesϵÄsql_injĿ¼ÖС£
sql_inj.java´úÂ룺
====================================================================
package sql_inj;
import java.net.*;
import java.io.*;
import java.sql.*;
import java.text.*;
import java.lang.String;
public class sql_inj{
public static boolean sql_inj(String str)
{
String inj_str = "'|and|exec|insert|select|delete|update|count|*|%|chr|mid|master|t
Ïà¹ØÎĵµ£º
http://www.umgr.com/blog/PostView.aspx?bpId=36294
1. Ö´ÐÐsqlÓï¾ä
int sqlite3_exec(sqlite3*£¬ const char *sql£¬ sqlite3_callbacksql Óï·¨
£¬ void *£¬ char **errmsg );
Õâ¾ÍÊÇÖ´ÐÐÒ»Ìõ sql Óï¾äµÄº¯Êý¡£
µÚ1¸ö²ÎÊý²»ÔÙ˵ÁË£¬ÊÇÇ°Ãæopenº¯ÊýµÃµ½µÄÖ¸Õ롣˵ÁËÊǹؼüÊý¾Ý½á¹¹¡£
µÚ2¸ö²ÎÊýconst char ......
1.Ñ¡Ôñ×îÓÐЧÂʵıíÃû˳Ðò(Ö»ÔÚ»ùÓÚ¹æÔòµÄÓÅ»¯Æ÷ÖÐÓÐЧ)¡¡¡¡
¡¡¡¡ SQLSERVERµÄ½âÎöÆ÷°´ÕÕ´ÓÓÒµ½×óµÄ˳Ðò´¦Àífrom×Ó¾äÖеıíÃû£¬Òò´Ëfrom×Ó¾äÖÐдÔÚ×îºóµÄ±í£¨»ù´¡±ídriving table£©½«±»×îÏÈ´¦Àí£¬ÔÚfrom×Ó¾äÖаüº¬¶à¸ö±íµÄÇé¿öÏ£¬±ØÐëÑ¡Ôñ¼Ç¼ÌõÊý×îÉٵıí×÷Ϊ»ù´¡±í£¬µ±SQLSERVER´¦Àí¶à¸ö±íʱ£¬»áÔËÓÃÅÅÐò¼°ºÏ²¢µÄ·½Ê½Á ......
SQL²Ù×÷È«¼¯
ÏÂÁÐÓï¾ä²¿·ÖÊÇMssqlÓï¾ä£¬²»¿ÉÒÔÔÚaccessÖÐʹÓá£
SQL·ÖÀࣺ
DDL—Êý¾Ý¶¨ÒåÓïÑÔ(CREATE£¬ALTER£¬DROP£¬DECLARE)
DML—Êý¾Ý²Ù×ÝÓïÑÔ(SELECT£¬DELETE£¬UPDATE£¬INSERT)
DCL—Êý¾Ý¿ØÖÆÓïÑÔ(GRANT£¬REVOKE£¬COMMIT£¬ROLLBACK)
Ê×ÏÈ,¼òÒª½éÉÜ»ù´¡Óï¾ä£º
1¡¢ËµÃ÷£º´´½¨Êý¾Ý¿â
CREATE ......
Ìá¸ßÊý¾Ý¿âÐÔÄܵķ½Ê½ÓÐÁ½ÖÖ
Ò»¡¢Ò»ÖÖÊÇDBAͨ¹ý¶ÔÊý¾Ý¿âµÄ¸÷¸ö·½Ãæµ÷ÓÅ
µ÷ÕûÊý¾Ý¿â:¹²Ïí³Ø,java³Ø,¸ßËÙ»º´æ,´óÐͳØ,java³Ø
Õë¶ÔÓÚwindow²Ù×÷ϵͳ 32λ,oracleÄÚ´æÕ¼Óã¬×î´óΪ1.7G,³¬¹ýÔò²»×÷ÓÃ,Òò´ËÕ⼸ÏîÖµÖ®ºÍ²»Ó¦³¬¹ý1.7G
Ŀǰ¸÷³Ø²ÎÊýΪ:
......
ÔÚWEBÓ¦ÓÃÖÐ,Èç¹ûʹÓÃjsp×÷Ϊview²ãµÄÏÔʾģ°å,¶¼»á±»¿Õ¸ñ/¿Õ»»ÐÐÎÊÌâËùÀ§ÈÅ.
Õâ¸öÎÊÌâµ±ÄêÒ²À§ÈÅÁËÎұȽϳ¤µÄʱ¼ä.ÒòΪÔÚjspÄÚʹÓõÄEL±êÇ©ºÍÆäËû±êǩʱ,»á²úÉú´óÁ¿µÄ¿Õ¸ñºÍ»»Ðзû.ÀýÈç:
------- start ----------
<c:choose>
<c:when test="${fn:length(mainPageList)>1&}&q ......