For more details, see: http://www.111cn.net/jsp/Java/58610.htm
What should I do if my website has this "universal password" vulnerability?
'Or' = 'or' there are many methods to fix the vulnerability. Here we will introduce two methods.
Method 1: Replace characters
Solution: Find
The Code is as follows:
Username = request. Form ("name ")
Pass = request. Form ("pass ")
To:
The Code is as follows:
Username = Replace (request. Form ("name "),"'","''")
Pass = Replace (request. Form ("pass "),"'","''")
The syntax is to block the 'and' characters to achieve the effect.
Next I will modify a bug program with a universal password.
The Code is as follows:
Public String login ()
{
String str1 = (String) getParamenterValue ("username ");
String str2 = (String) getParamenterValue ("password ");
List localList = this. entityManager. findByHQL ("from AdminUser where username = '" + str1 + "' and password = '" + str2 + "'", false,-1,-1 );
If (localList! = Null) & (localList. size ()> 0 ))
{
HttpSession localHttpSession = getHttpSession ();
LocalHttpSession. setAttribute ("adminuser", localList. get (0 ));
SetToJsp ("/managers/index. jsp ");
Return "www.111cn.net ";
}
SetToJsp ("/adminlogin. jsp ");
Return "toJsp ";
}
Code after repair:
The Code is as follows:
Public String login ()
{
String str1 = (String) getParamenterValue ("username ");
String str2 = (String) getParamenterValue ("password ");
List localList = this. entityManager. findByHQL ("from AdminUser where username = '" + str1 + "' and password = '" + str2 + "'", false,-1,-1 );
If (localList! = Null) & (localList. size () = 1 ))
{
// If size> 1, don't login.
AdminUser loginUser = (AdminUser) localList. get (0 );
If (loginUser. getUsername (). equals (str1) & loginUser. getPassword (). equals (str2 )){
HttpSession localHttpSession = getHttpSession ();
LocalHttpSession. setAttribute ("adminuser", localList. get (0 ));
SetToJsp ("/managers/index. jsp ");
} Else {
SetToJsp ("/adminlogin. jsp ");
}
Return "toJsp ";
}
SetToJsp ("/adminlogin. jsp ");
Return "toJsp ";
}