Shulou(Shulou.com)06/01 Report--

SQL injection vulnerabilities are high-risk vulnerabilities in the website vulnerabilities, ranking in the top three and affecting a wide range of areas, such as asp,. Net, PHP, java, and other programming languages, there are sql injection vulnerabilities, so how to detect sql injection vulnerabilities in websites?

Testing method of SQL injection vulnerability

In the program code, whether it is get submission, post submission, cookies way, there can be a parameter value of arbitrary control parameters, through the use of sql injection tools, the classic sqlmap for detection and vulnerability exploitation, you can also use some domestic SQL code injection tools, the simplest security testing method is to test sql injection vulnerabilities by using single quotes in the database, AND 1'1 AND 1'2 and other character injection.

Anatomy of SQL injection loophole

In the program code of the website, there are many parameter values that users need to submit, such as get and post data submission, some programmers do not carry out detailed security filtering, resulting in the direct execution of SQL statements, in the submitted parameters, you can add some malicious sql commands, such as querying the account password of admin, querying the version of the database, and querying the user's account password. Execute to write a word Trojan to the database configuration file, execute system commands to lift rights, and so on.

SQL injection vulnerability repair

In the lowest level of program code, sql vulnerability repair and protection, add and filter some illegal parameters in the code, server-side binding variables, SQL statement standardization, is the best way to prevent websites from being attacked by sql injection. Sine Security is a network security service provider specializing in website security, server security, website security testing, website vulnerability repair, penetration testing, and security services.

First, all the query statements in the program code, use the standardized database query statement API interface, set the parameters of the statement to filter some illegal characters, and prevent users from entering malicious characters into the database to execute sql statements.

Second, safely filter the parameters submitted by the user, such as some special characters (, () * & …... % # etc.) perform character escape operations and secure conversion of encodings

Third, the code layer code of the website is unified as far as possible, it is recommended to use utf8 coding, if the code in the code is not the same, it will cause some filters to be bypassed directly.

Fourth, the data type of the website must be determined to be numeric, that is, numeric, character type is character type, and the storage field type in the database is also set to ini type.

Fifth, carries on the security restriction to the user's operation authority, the ordinary user only gives the ordinary authority, the administrator background operation authority should release, reduces the malicious attack to the database as far as possible.

Sixth, the error information of the website should not be returned to the client as far as possible, such as some character errors, database error information, as far as possible to prevent leakage to the client.

Seventh, if you are not familiar with the program code of the website, it is recommended to give it to a professional security company to deal with it professionally. Sinesafe, Green League and Enlightenment Star are recommended in China.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.