Examining the Oracle database from a hacker's perspective
2008-09-08 12:51:22 Source: WEB开发网
Note the trailing 'q'='q'. We use it because it lets us handle the second query: ASP appends it to the end of the page, and the statement evaluates to true.
3 Example JSP page
package myseverlets;
<….>
// The SQL text is built by string concatenation: a single quote in either
// request parameter becomes part of the statement itself (deliberately vulnerable).
String sql = new String("SELECT * FROM WebUsers WHERE Username='" +
    request.getParameter("username") + "' AND Password='" +
    request.getParameter("password") + "'");
stmt = Conn.prepareStatement(sql);
Rs = stmt.executeQuery();
Exploiting the problem is much simpler if you can access the source of the web
page. You should not be able to see this data; however, there are many bugs that
allow you to view the source, and I'm sure there are still lots that have not yet been
discovered.
The problem with our ASP code is that we are concatenating our SQL statement
together without parsing out any single quotes. Parsing out single quotes is a good
first step, but it's recommended that you actually use parameterized SQL statements
instead.
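The difference between the concatenated query above and a parameterized one, as an added example that is not part of the original article. It uses Python's sqlite3 module and a constructed WebUsers table as a stand-in for the JSP/JDBC code; the JDBC equivalent of login_param is a PreparedStatement with '?' placeholders and setString.

```python
import sqlite3


def make_db():
    """Constructed sample data: one row standing in for the page's WebUsers table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE WebUsers (Username TEXT, Password TEXT)")
    conn.execute("INSERT INTO WebUsers VALUES ('Bob', 'secret')")
    conn.commit()
    return conn


def login_concat(conn, username, password):
    """Mirrors the page's JSP: the SQL text is built by string concatenation,
    so a single quote inside either parameter rewrites the statement itself."""
    sql = ("SELECT * FROM WebUsers WHERE Username='" + username +
           "' AND Password='" + password + "'")
    return conn.execute(sql).fetchall()


def login_param(conn, username, password):
    """Hardened form: the statement text is fixed and the values are bound,
    so the database treats the whole input as a literal value."""
    sql = "SELECT * FROM WebUsers WHERE Username=? AND Password=?"
    return conn.execute(sql, (username, password)).fetchall()


if __name__ == "__main__":
    conn = make_db()
    # Valid input (Section 4 of the article): both forms find Bob.
    print(login_concat(conn, "Bob", "secret"))
    print(login_param(conn, "Bob", "secret"))
    # The page's 'q'='q' trick as the password: the concatenated WHERE clause
    # becomes always-true, while the bound parameter simply fails to match.
    injected = "x' OR 'q'='q"
    print(login_concat(conn, "Bob", injected))   # [('Bob', 'secret')]
    print(login_param(conn, "Bob", injected))    # []
```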
4 Valid input
If the username and password are set to:
– Username: Bob