With the emergence of a series of new Internet products such as Web 2.0, social networks, and Weibo, Web-based Internet applications are becoming more and more widespread. In the process of enterprise informatization, all kinds of applications are deployed on the Web platform, and the rapid growth of Web services has attracted strong attention from attackers. The following highlights the main Web security threats. Attacks on Web servers take many forms; common ones include Trojans, SQL injection, and XSS.
SQL Injection
SQL injection inserts SQL commands into Web form submissions, domain-name input fields, or the query strings of page requests, ultimately tricking the server into executing malicious SQL commands.
The following example gives a better understanding of SQL injection:
Consider a login screen with two text boxes, one for the user name and one for the password. When the user clicks the login button, the user name and password entered are verified with the following SQL statement:
select * from student where username = 'input username' and password = 'input password'
If the data can be retrieved, the verification is successful; otherwise, the verification fails.
If you enter ' or '1' = '1' or '1' = '1 in the User Name text box, the verification SQL statement becomes:
select * from student where username = '' or '1' = '1' or '1' = '1' and password = ''
If you enter 1' or '1' = '1 in the Password text box, the verification SQL statement becomes:
select * from student where username = '' and password = '1' or '1' = '1'
The where condition of both statements above always evaluates to true, so verification succeeds without valid credentials.
If you enter tom'; drop table student -- in the User Name text box, the SQL statement becomes:
select * from student where username = 'tom'; drop table student --' and password = ''
This turns the single statement into two: after the select query completes, the student table is dropped outright (the -- marks the rest of the line as a comment, so the trailing quote and the password check are ignored).
How to prevent SQL injection:
1. Never trust user input. Validate it, for example with regular expressions or length limits, and escape single and double quotes.
2. Never use dynamically assembled SQL statements. Use parameterized SQL statements or stored procedures for data queries and access.
3. Never use a database connection with administrator privileges. Give each application a database connection with only the privileges it needs.
4. Do not store confidential information in plain text; encrypt or hash passwords and other sensitive information.
5. Application error messages should reveal as little as possible. It is best to wrap the original error in a custom error message.
6. Use tools or online platforms to check whether SQL injection vulnerabilities exist.
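As an added example (not from the original article), the login check above in Python with sqlite3: the article's dynamically assembled statement beside its parameterized replacement (measure 2), plus a whitelist validator for the user name (measure 1). The in-memory student table, the tom/secret row, the regular expression and the function names are constructed for this illustration.

```python
import re
import sqlite3

# Constructed sample data for the illustration: an in-memory student table
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE student (username TEXT, password TEXT)")
    conn.execute("INSERT INTO student VALUES ('tom', 'secret')")
    conn.commit()
    return conn

def login_dynamic(conn, username, password):
    """Vulnerable: the article's dynamically assembled statement.
    The user's text is spliced into the SQL, so quotes and 'or'
    change the meaning of the where clause."""
    sql = ("select * from student where username = '" + username +
           "' and password = '" + password + "'")
    return conn.execute(sql).fetchone() is not None

def login_parameterized(conn, username, password):
    """Hardened (measure 2): placeholders keep the text as data.
    The statement is fixed; the driver binds the values separately,
    so quotes in the input never become SQL syntax."""
    sql = "select * from student where username = ? and password = ?"
    return conn.execute(sql, (username, password)).fetchone() is not None

# Measure 1: whitelist of allowed characters and a length limit (assumed policy)
USERNAME_RE = re.compile(r"[A-Za-z0-9_]{1,32}")

def valid_username(username):
    """Reject anything outside the whitelist before a query is attempted."""
    return USERNAME_RE.fullmatch(username) is not None

if __name__ == "__main__":
    db = make_db()
    inj_user = "' or '1' = '1' or '1' = '1"   # the article's first input
    inj_pass = "1' or '1' = '1"               # the article's second input
    print("dynamic, forged username:  ", login_dynamic(db, inj_user, ""))          # True
    print("dynamic, forged password:  ", login_dynamic(db, "", inj_pass))          # True
    print("parameterized, forged name:", login_parameterized(db, inj_user, ""))    # False
    print("parameterized, real creds: ", login_parameterized(db, "tom", "secret")) # True
    print("validator rejects input:   ", valid_username(inj_user))                 # False
```

Note that sqlite3's execute() refuses to run more than one statement at a time, so the article's drop table input raises sqlite3.ProgrammingError in login_dynamic instead of dropping the table; this is a driver quirk, not a defense, and the login bypass above still works.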