SQL Injection principles and how to avoid injection and SQL Injection principles

Source: Internet
Author: User


SQL injection: when is SQL used? Whenever an application accesses its database. SQL injection therefore threatens the data source directly, and once the database has been compromised the website can no longer be considered to be working normally.

SQL injection is the insertion of SQL commands into Web form submissions, the query string of a domain name, or a page request, so that the server is ultimately tricked into executing malicious SQL commands. Specifically, an existing application is used to inject (malicious) SQL commands into the back-end database engine for execution: by entering (malicious) SQL statements in a Web form, an attacker can obtain data from the database of a website with security vulnerabilities, instead of the statements being executed according to the designer's intent. [1] For example, many of the earlier leaks of VIP member passwords from video websites were caused by query strings submitted through Web forms; such forms are particularly vulnerable to SQL injection attacks.

Based on the underlying technical principles, SQL injection can be divided into platform-layer injection and code-layer injection. The former is caused by insecure database configuration or vulnerabilities in the database platform; the latter is mainly caused by programmers not filtering input carefully, so that illegal data queries are executed. Accordingly, the causes of SQL injection usually fall into the following categories: ① improper type handling; ② insecure database configuration; ③ unreasonable handling of query result sets; ④ improper error handling; ⑤ improper handling of escape characters; ⑥ improper handling of multiple submissions.

Injection method:

1. Guessing the table name and column name

Guess the table name first:
    and (select count(*) from <table name>) <> 0
Then guess the column name:
    and (select count(<column name>) from <table name>) <> 0
Alternatively:
    and exists (select * from <table name>)
    and exists (select <column name> from <table name>)
If the page still returns a correct result, the table name or column name that was written in is correct.
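From the defender's side, the probes above leave a recognizable trace in Web server access logs. The following is an added example (not code from the original post) that parses constructed log lines in the common Apache/IIS-style format, URL-decodes each query parameter, and flags the `count(*)` / `exists(select` subquery probes listed above together with the `'or'='or'` pattern discussed in the next section. The log format, sample lines, and the regular expressions are assumptions made for this example.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote_plus

# Patterns derived from the probe strings in the article; tuned for triage, not proof.
PROBE_PATTERNS = [
    re.compile(r"\band\s*\(\s*select\s+count\s*\(", re.I),   # and (select count(*) from ...)
    re.compile(r"\band\s+exists\s*\(\s*select\b", re.I),    # and exists (select ... from ...)
    re.compile(r"\bor\s*'[^']*'\s*=\s*'", re.I),             # 'or'='or' style bypass
]

# Assumed combined-log-style line: ip ident user [ts] "METHOD path PROTO" status size
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d+)'
)


def normalize(value):
    # parse_qsl already decodes once; decode again to collapse double encoding,
    # then squeeze whitespace so the patterns see one canonical form.
    decoded = unquote_plus(unquote_plus(value))
    return re.sub(r"\s+", " ", decoded)


def suspicious_params(path):
    """Return (parameter name, decoded value) pairs that match a probe pattern."""
    query = urlsplit(path).query
    hits = []
    for name, value in parse_qsl(query, keep_blank_values=True):
        text = normalize(value)
        if any(p.search(text) for p in PROBE_PATTERNS):
            hits.append((name, text))
    return hits


def scan(lines):
    """Scan log lines and return (client ip, parameter, decoded value) findings."""
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines in a format we do not understand
        for name, text in suspicious_params(m["path"]):
            findings.append((m["ip"], name, text))
    return findings


# Constructed sample log lines (not real traffic).
SAMPLE_LOG = [
    '10.0.0.5 - - [10/Oct/2023:13:55:36 +0000] "GET /news.asp?id=1%20and%20(select%20count(*)%20from%20admin)%3C%3E0 HTTP/1.1" 200 512',
    '10.0.0.5 - - [10/Oct/2023:13:55:40 +0000] "GET /news.asp?id=1%20and%20exists(select%20*%20from%20admin) HTTP/1.1" 200 512',
    '10.0.0.9 - - [10/Oct/2023:13:56:02 +0000] "GET /login.asp?user=%27or%27A%27%3D%27A&passwd=x HTTP/1.1" 302 0',
    '10.0.0.7 - - [10/Oct/2023:13:56:10 +0000] "GET /news.asp?id=42 HTTP/1.1" 200 4096',
    '10.0.0.7 - - [10/Oct/2023:13:56:15 +0000] "GET /search.asp?q=rock+and+roll HTTP/1.1" 200 2048',
]

if __name__ == "__main__":
    for ip, param, text in scan(SAMPLE_LOG):
        print(f"{ip} probed parameter {param!r}: {text}")
```

The decode-then-normalize step matters more than the patterns themselves: probes are routinely submitted URL-encoded or double-encoded, and a detector that matches on the raw request line misses them. Treat a hit as a reason to look at the client's other requests, not as proof of compromise, since ordinary text can occasionally resemble the `or '...' = '` shape.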

2. Background authentication bypass vulnerability

The authentication bypass vulnerability is the well-known 'or'='or' background bypass: the evaluation rules of AND and OR are used to produce a logic error in the background script.
For example, if the administrator account and password are both admin, the database query in the background is built as follows (ASP/VBScript; the vulnerable concatenation is preserved as the article describes it):
    user = Request("user")
    passwd = Request("passwd")
    ' vulnerable: user-controlled text is concatenated straight into the SQL
    sql = "select admin from adminbate where user = '" & user & "' and passwd = '" & passwd & "'"
If ' or 'A' = 'A is entered as both the user name and the password, the query becomes
    select admin from adminbate where user = '' or 'A' = 'A' and passwd = '' or 'A' = 'A'
The WHERE clause now contains four conditions, evaluated as false or true and false or true. AND is computed first and then OR, so the final result is true, and in this way the background can be entered.
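To make the precedence argument concrete, here is an added example (not code from the original post) that reproduces the concatenated query against an in-memory SQLite table named adminbate as in the article, shows that the ' or 'A' = 'A input satisfies the WHERE clause for every row, and places a parameterized version of the same query beside it. SQLite, the table layout and the sample account are assumptions for this example.

```python
import sqlite3

BYPASS = "' or 'A' = 'A"   # the input from the article


def make_db():
    """Constructed sample database: one admin account, as in the article."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE adminbate (user TEXT, passwd TEXT, admin INTEGER)")
    conn.execute("INSERT INTO adminbate VALUES ('admin', 'admin', 1)")
    return conn


def build_vulnerable_sql(user, passwd):
    # Same construction as the VBScript in the article: the input becomes part
    # of the SQL grammar, so quotes in it close and reopen string literals.
    return ("select admin from adminbate where user = '" + user +
            "' and passwd = '" + passwd + "'")


def login_vulnerable(conn, user, passwd):
    row = conn.execute(build_vulnerable_sql(user, passwd)).fetchone()
    return row is not None


def login_parameterized(conn, user, passwd):
    # Placeholders hand the values to the driver separately from the SQL text,
    # so the quotes in the input are compared as data and never parsed.
    sql = "select admin from adminbate where user = ? and passwd = ?"
    row = conn.execute(sql, (user, passwd)).fetchone()
    return row is not None


if __name__ == "__main__":
    conn = make_db()
    print(build_vulnerable_sql(BYPASS, BYPASS))
    # WHERE user='' OR ('A'='A' AND passwd='') OR 'A'='A'  -> true for every row
    print("vulnerable, bypass input:   ", login_vulnerable(conn, BYPASS, BYPASS))
    print("parameterized, bypass input:", login_parameterized(conn, BYPASS, BYPASS))
```

Running it prints the exact statement shown in the article, then True for the concatenated query and False for the parameterized one; the parameterized query looks for a user literally named `' or 'A' = 'A` and finds none.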

How can this problem be prevented? In summary, the main points are the following:

1. Never trust user input. Validate it: use regular expressions, limit the length, and convert (escape) single and double quotes.
2. Never use dynamically assembled SQL statements. Use parameterized SQL statements, or call stored procedures directly for data queries and access.
3. Never use a database connection with administrator permissions; give each application a database connection with only the permissions it needs.
4. Do not store confidential information directly; encrypt or hash passwords and other sensitive information.
5. Application exception messages should give as few hints as possible; it is best to wrap the original error information in a custom error message.
6. SQL injection detection is generally done with auxiliary software or a website testing platform. Commonly used software includes the SQL injection detection tool jsky; website platforms include the Yis website security platform detection tool and Mdcsoft scan. MDCSOFT-IPS can effectively defend against SQL injection, XSS attacks and so on. Testing is still pending.
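Points 1, 2, 4 and 5 above fit together in a single login routine. The following added example (not code from the original post) validates the user name with a regular expression and a length limit, looks the account up with a parameterized query, stores only a salted PBKDF2 hash of the password, and converts any database error into a generic message so the driver's own text never reaches the client. The user-name policy, the hash parameters and the SQLite table are assumptions made for this example; point 3 (a least-privilege database account) is a server-side configuration that SQLite cannot show.

```python
import hashlib
import hmac
import os
import re
import sqlite3

# Assumed policy: 3-32 characters, letters, digits and underscore only.
USERNAME_RE = re.compile(r"^[A-Za-z0-9_]{3,32}$")
PBKDF2_ITERATIONS = 200_000   # assumed work factor


class LoginError(Exception):
    """Raised with a generic message; the original database error stays in the log."""


def hash_password(passwd, salt=None):
    """Return (salt, digest); a fresh random salt is drawn when none is given."""
    salt = salt if salt is not None else os.urandom(16)
    digest = hashlib.pbkdf2_hmac("sha256", passwd.encode("utf-8"), salt, PBKDF2_ITERATIONS)
    return salt, digest


def make_db():
    """Constructed sample database: the table stores a salt and a hash, never the password."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE adminbate (user TEXT PRIMARY KEY, salt BLOB, pw_hash BLOB)")
    salt, digest = hash_password("admin")
    conn.execute("INSERT INTO adminbate VALUES (?, ?, ?)", ("admin", salt, digest))
    return conn


def login(conn, user, passwd):
    """Return True only for a valid user name whose password hash matches."""
    # Point 1: reject anything outside the expected shape before touching the database.
    if not USERNAME_RE.fullmatch(user) or not 1 <= len(passwd) <= 128:
        return False
    try:
        # Point 2: the user name travels as a bound parameter, not as SQL text.
        row = conn.execute(
            "select salt, pw_hash from adminbate where user = ?", (user,)
        ).fetchone()
    except sqlite3.Error as exc:
        # Point 5: log the real error server-side, show the client a generic one.
        print(f"[server log] database error during login: {exc!r}")
        raise LoginError("login is temporarily unavailable") from None
    if row is None:
        return False
    salt, stored = row
    # Point 4: compare hashes, and do it in constant time.
    _, candidate = hash_password(passwd, salt)
    return hmac.compare_digest(candidate, stored)


if __name__ == "__main__":
    conn = make_db()
    print("admin/admin:        ", login(conn, "admin", "admin"))
    print("admin/wrong:        ", login(conn, "admin", "wrong"))
    print("' or 'A' = 'A / x:  ", login(conn, "' or 'A' = 'A", "x"))
```

The bypass input from the previous section is refused by the user-name check before any SQL runs, and even a user name that passes the check cannot alter the query because it is bound as a parameter. Returning plain False for both "unknown user" and "wrong password" keeps the response from revealing which accounts exist.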

Copyright Disclaimer: This article is an original article by the blogger and cannot be reproduced without the permission of the blogger.
