2025-01-28 Update From: SLTechnology News&Howtos (Database)
Shulou (Shulou.com) 05/31 Report--
This article walks through a worked example of how a SQL injection vulnerability arises in JDBC code that builds its query by string concatenation, and how a PreparedStatement removes it. The editor thinks it is very practical, so it is shared here for reference.
Code example (the vulnerable version):

    import java.sql.Connection;
    import java.sql.ResultSet;
    import java.sql.SQLException;
    import java.sql.Statement;

    public class JDBCDemo3 {
        public static void demo3_1() {
            // With a known user name, this payload logs in without knowing the password.
            boolean flag = login("aaa' OR'", "1651561");
            if (flag) {
                System.out.println("login success");
            } else {
                System.out.println("login failed");
            }
        }

        public static boolean login(String username, String password) {
            // This concatenation is the root of the SQL injection. With the input above the statement becomes
            //   SELECT * FROM user WHERE username='aaa' OR'' AND password='1651561'
            // AND binds tighter than OR, so it reads username='aaa' OR ('' AND password='1651561').
            // MySQL treats '' as false, the password clause drops out, and the row for 'aaa' is returned.
            String sql = "SELECT * FROM user WHERE username='" + username + "' AND password='" + password + "'";
            boolean flag = false;
            // JDBCUtils.getConnection() is the article's own connection helper (not shown here).
            try (Connection conn = JDBCUtils.getConnection();
                 Statement stat = conn.createStatement();
                 ResultSet rs = stat.executeQuery(sql)) {
                flag = rs.next(); // any row at all counts as a successful login
            } catch (SQLException e) {
                e.printStackTrace();
            }
            return flag;
        }
    }
The fix is to use a PreparedStatement instead (these methods go in the same JDBCDemo3 class and need import java.sql.PreparedStatement):

        // Same test as demo3_1, but through the parameterized login1().
        public static void demo3_2() {
            boolean flag = login1("aaa' OR'", "1651561");
            if (flag) {
                System.out.println("login success");
            } else {
                System.out.println("login failed");
            }
        }

        public static boolean login1(String username, String password) {
            // The ? placeholders fix the statement's structure before any value is bound, so quotes
            // and SQL keywords in the input are sent as data and are never parsed as SQL.
            String sql = "SELECT * FROM user WHERE username=? AND password=?";
            boolean flag = false;
            try (Connection conn = JDBCUtils.getConnection();
                 PreparedStatement pstat = conn.prepareStatement(sql)) {
                pstat.setString(1, username); // bind the value of the first ?
                pstat.setString(2, password); // bind the value of the second ?
                try (ResultSet rs = pstat.executeQuery()) {
                    flag = rs.next();
                }
            } catch (SQLException e) {
                e.printStackTrace();
            }
            return flag;
        }
    }
With the parameterized version the payload above no longer logs in: the driver sends aaa' OR' as a literal user name, which matches no row, so the result set is empty. Two caveats a practitioner should keep in mind: placeholders only protect the values bound through them, so table or column names and ORDER BY clauses still cannot be supplied by the user, and a PreparedStatement whose SQL text was itself assembled by concatenating user input is exactly as injectable as the Statement version.
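To see both behaviours side by side without a JDBC driver or a database server, here is an added example (not code from the original article) that reproduces the article's login() and login1() in Python against an in-memory SQLite table. The user table, the aaa/secret account and the extra payloads are constructed for this demonstration. It goes beyond the article's single payload: besides the aaa' OR' trick, which needs a known user name, it shows a tautology in the password field that needs none, and a -- comment that cuts the statement short.

```python
import sqlite3

# Constructed stand-in for the article's `user` table: one known account.
SAMPLE_ROWS = [("aaa", "secret")]


def make_db():
    """Create an in-memory SQLite database seeded with SAMPLE_ROWS."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO user VALUES (?, ?)", SAMPLE_ROWS)
    conn.commit()
    return conn


def build_vulnerable_sql(username, password):
    """Same concatenation as the article's login(): input becomes part of the SQL text."""
    return ("SELECT * FROM user WHERE username='" + username
            + "' AND password='" + password + "'")


def login_vulnerable(conn, username, password):
    """Vulnerable: the database parses whatever the caller typed as SQL."""
    return conn.execute(build_vulnerable_sql(username, password)).fetchone() is not None


def login_safe(conn, username, password):
    """Hardened, like the article's login1(): structure fixed, values bound as data."""
    sql = "SELECT * FROM user WHERE username=? AND password=?"
    return conn.execute(sql, (username, password)).fetchone() is not None


def run_cases():
    """Run each input through both versions; returns {case: (vulnerable, safe)}."""
    conn = make_db()
    cases = {
        # Legitimate credentials: both versions must accept them.
        "valid": ("aaa", "secret"),
        # The article's payload: known user name, wrong password. AND binds tighter
        # than OR, so the WHERE clause reads username='aaa' OR ('' AND password='1651561'),
        # and SQLite (like MySQL) treats '' as false, so only the user name is checked.
        "page_payload": ("aaa' OR'", "1651561"),
        # Tautology in the password field: no valid user name needed, because
        # username='nobody' AND password='' OR '1'='1' is always true.
        "tautology": ("nobody", "' OR '1'='1"),
        # Comment out the rest of the statement (MySQL needs the space after --).
        "comment": ("aaa'-- ", "x"),
    }
    results = {}
    for name, (user, pw) in cases.items():
        results[name] = (login_vulnerable(conn, user, pw), login_safe(conn, user, pw))
    conn.close()
    return results


if __name__ == "__main__":
    for name, (vuln, safe) in run_cases().items():
        print(f"{name:13s} vulnerable={vuln!s:5s} safe={safe}")
```

Every injected case logs in through login_vulnerable and is rejected by login_safe, while the real credentials pass both. Note that the article's exact aaa' OR' payload relies on the database accepting an empty string as a boolean false; MySQL and SQLite do, whereas a stricter engine such as PostgreSQL rejects the empty string as a boolean and the query errors out instead, which is why the tautology and comment forms are the ones seen more often in practice.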
This concludes the worked example of how a SQL injection vulnerability arises and how to fix it. I hope the content above is helpful; if you found the article useful, please share it so more people can see it.