51Testing Software Testing Forum

Views: 5332 | Replies: 13

Types of SQL injection attacks and how to defend against them


Posted on 2008-8-29 14:21:10
Types of SQL injection attacks

First, be clear about which kinds of SQL injection attack exist.

1. Escape characters are not filtered correctly
This form of injection attack occurs when user input is not filtered for escape characters and is passed on into an SQL statement. As a result, the end user of the application can manipulate the statements executed against the database. For example, the following line of code demonstrates this vulnerability:
    statement := "SELECT * FROM users WHERE name = '" + userName + "'; "

The intent of this code is to fetch a specific user from the users table. But if the user name is forged by a malicious user in a particular way, the statement may do something other than what the author of the code intended. For example, set the user name variable (i.e. username) to:
    a' or 't'='t
The original statement then changes to:
    SELECT * FROM users WHERE name = 'a' OR 't'='t';
If this code is used in an authentication process, this example forces the selection of a valid user name, because the comparison 't'='t is always true.
On some SQL servers, such as SQL Server, any SQL command can be injected this way, including the execution of multiple statements. The following value of username would delete the "users" table and also select all the data from the "data" table (in effect disclosing every user's information).
    a'; DROP TABLE users; SELECT * FROM data WHERE name LIKE '%
This turns the final SQL statement into the following:
    SELECT * FROM users WHERE name = 'a'; DROP TABLE users; SELECT * FROM DATA WHERE name LIKE '%';
Other SQL implementations, as a security measure, will not execute multiple commands in the same query. This prevents an attacker from injecting entirely separate queries, but it does not stop the attacker from modifying the query.

2. Incorrect type handling
This form of attack occurs when a user-supplied field is not strongly typed, or no type enforcement is applied. When a numeric field is used in an SQL statement and the programmer does not check that the user's input is valid (that it is numeric), this attack occurs. For example:
    statement := "SELECT * FROM data WHERE id = " + a_variable + "; "
From this statement it is clear that the author expects a_variable to be a number related to the "id" field. However, if the end user supplies a string instead, the need for escape characters is bypassed altogether. For example, setting a_variable to:
    1; DROP TABLE users
deletes the "users" table from the database; the SQL statement becomes:
    SELECT * FROM DATA WHERE id = 1; DROP TABLE users;

3. Vulnerabilities in the database server
Sometimes the database server software itself contains vulnerabilities, such as the mysql_real_escape_string() function vulnerability in the MySQL server. This kind of vulnerability lets an attacker carry out a successful SQL injection attack based on incorrectly handled Unicode character encoding.

4. Blind SQL injection
So-called blind SQL injection occurs when a web application is vulnerable to attack but the results are not visible to the attacker. The vulnerable page may not display data at all; instead it displays different content depending on the result of the logical statement injected into the legitimate statement. This attack is quite time-consuming, because a new statement must be carefully crafted for every byte obtained. But once the location of the vulnerability and the location of the target information have been established, a tool called Absinthe can automate the attack.

5. Conditional responses
Note that there is a kind of SQL injection that forces the database to evaluate a logical statement on an ordinary application screen:
    SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=1
This produces the normal page, whereas the statement
    SELECT booktitle FROM booklist WHERE bookId = 'OOk14cd' AND 1=2
may give a different result when the page is vulnerable to SQL injection. An injection like this proves that blind SQL injection is possible, and it lets the attacker design statements whose truth or falsehood can be judged from the content of some field in another table.

6. Conditional errors
This type of blind SQL injection forces the database to evaluate a statement that raises an error if the WHERE clause is true, thereby producing an SQL error. For example:
    SELECT 1/0 FROM users WHERE username='Ralph'
Clearly, if the user Ralph exists, the division by zero causes an error.

7. Time delays
A time delay is a blind SQL injection which, depending on the injected logic, causes the SQL engine to execute a long-running query or a time-delay statement. The attacker can measure the page load time to decide whether the injected statement is true.

The above is only a rough classification of SQL attacks. Technically speaking, though, today's SQL injection attackers have become smarter and more thorough at finding vulnerable websites, and new kinds of SQL attack technique have appeared. Hackers can use a variety of tools to speed up the exploitation process. Consider the Asprox Trojan, which spreads mainly through a spam-sending botnet; its whole workflow can be described like this: first, spam sent from controlled hosts installs the Trojan on a computer; then the infected computer downloads a piece of binary code which, when it starts, uses a search engine to search for vulnerable websites whose forms are built with Microsoft's ASP technology. The search results become the target list for SQL injection attacks. Next, the Trojan launches SQL injection attacks against these sites, taking control of and defacing some of them. Users who visit these compromised and defaced websites are tricked into downloading a piece of malicious JavaScript code from another site. Finally, that code directs the user to a third site hosting more malware, such as password-stealing Trojans.

In the past we often warned or advised web application programmers to test and patch their code, even though the probability of SQL injection vulnerabilities being found and exploited was not very high. Recently, however, attackers have been discovering and maliciously exploiting these vulnerabilities more and more. Developers should therefore test their code more proactively before deploying their software, and patch the code immediately when new vulnerabilities appear.

Defending against and checking for SQL injection
1. Use parameterized, filtered statements
To defend against SQL injection, user input must never be embedded directly into an SQL statement. On the contrary, user input must be filtered, or parameterized statements must be used. Parameterized statements use parameters instead of embedding user input in the statement. In most cases the SQL statement is thereby fixed, and user input is confined to a parameter. Here is an example using Java and the JDBC API:
    PreparedStatement prep = conn.prepareStatement("SELECT * FROM USERS WHERE PASSWORD=?");
    prep.setString(1, pwd);

Overall, there are two ways to ensure an application is not vulnerable to SQL injection: code review, and mandatory use of parameterized statements. Mandatory use of parameterized statements means that SQL statements which embed user input are rejected at run time. At present, however, not many products support this feature; the H2 database engine, for example, does.

2. Also avoid using interpreters, since this is exactly the means hackers use to execute illegal commands.

3. To guard against SQL injection, also avoid emitting detailed error messages, because hackers can make use of them. Use a standard input validation mechanism to verify the length, type, statement syntax, business rules and so on of all input data.

4. Use professional vulnerability scanning tools

Posted on 2008-8-31 21:25:05
Not bad, solid;

Posted on 2009-10-27 20:42:53
thanks

Posted on 2010-3-9 11:40:36
Support, bump.
Posted on 2010-3-9 17:00:37
Thank you so much

Posted on 2010-3-27 22:33:01
Very good
Posted on 2010-4-26 13:59:38
Vulnerabilities of this kind are getting rarer and rarer now, it feels like

Posted on 2010-4-26 18:27:17
With PHP there is still a lot of SQL injection; in asp and asp.net it has become rare

Posted on 2010-5-7 00:11:15
Learned something new

Posted on 2010-5-7 13:54:12
Good article

Posted on 2010-5-11 17:46:36
Prevention methods:

1. Use a header file to filter key strings;
2. For numeric types, format the value as a number before querying; for character types, handle single quotes to prevent the assignment from being closed off;
3. Use parameterized queries;
4. Use stored procedures;
Recommendations for using the above methods in the various kinds of web program:
asp/php: 1, 2 and 4 above all work; 2 and 4 recommended
java/.net: strongly typed languages, all four above work; 2, 3 and 4 recommended

Posted on 2010-5-12 09:25:19
Learned something new

Posted on 2010-5-28 12:01:30
Skimmed through it and learned a lot; bookmarked it for now, will study it slowly

Posted on 2010-6-21 23:22:45
Thx, hehe