在Global.asax文件里实现通用防SQL注入漏洞程序(适应于post/get请求)
首先,创建一个SQLInjectionHelper类完成恶意代码的检查
代码如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Text.RegularExpressions;
/// <summary>
///SQLInjectionHelper 的摘要说明
/// </summary>
public class SQLInjectionHelper
{
/// <summary>
/// 获取Post的数据
/// </summary>
/// <param name=\"request\"></param>
/// <returns></returns>
public static bool ValidUrlData(string request)
{
bool result = false;
if (request == \"POST\")
{
for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++)
{
result = ValidData(HttpContext.Current.Request.Form[i].ToString());
if (result)
{
break;
}
}
}
else
{
for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
{
result = ValidData(HttpContext.Current.Request.QueryString[i].ToString());
if (result)
{
break;
}
}
}
return result;
}
/// <summary>
/// 验证是否存在注入代码
/// </summary>
/// <param name=\"inputData\"></param>
/// <returns></returns>
private static bool ValidData(string inputData)
{
//验证inputData是否包含恶意集合
if (Regex.IsMatch(inputData, GetRegexString()))
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// 获取正则表达式
/// </summary>
/// <returns></returns>
private static string GetRegexString()
{
//构造SQL的注入关键字符
string[] strChar = { \"and\", \"exec\", \"insert\", \"select\", \"update\", \"delete\", \"count\", \"from\", \"drop\", \"asc\", \"or\", \"char\", \"%\", \";\", \":\", \"\\\'\", \"\\\"\", \"-\", \"chr\", \"master\", \"mid\", \"truncate\", \"declare\", \"char\", \"SiteName\", \"/add\", \"xp_cmdshell\", \"net user\", \"net localgroup administrators\", \"exec master.dbo.xp_cmdshell\" };
string str_Regex = \".*(\";
for (int i = 0; i < strChar.Length - 1; i++)
{
str_Regex += strChar[i] + \"|\";
}
str_Regex += strChar[strChar.Length - 1] + \").*\";
return str_Regex;
}
}
有此类后即可使用Global.asax中的Application_BeginRequest(object sender, EventArgs e)事件来实现表单或者URL提交数据的获取,获取后传给SQLInjectionHelper类ValidUrlData方法来完成检查
代码如下
protected void Application_BeginRequest(object sender, EventArgs e)
{
bool result = false;
result = SQLInjectionHelper.ValidUrlData(Request.RequestType.ToUpper());
if (result)
{
Response.Write(\"您提交的数据有恶意字符\");
Response.End();
}
}
下面以一个小程序测试:
创建一个页面,如下
<%@ Page Language=\"C#\" AutoEventWireup=\"true\" CodeFile=\"Default.aspx.cs\" Inherits=\"_Default\" %>
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head runat=\"server\">
<title></title>
</head>
<body>
<form id=\"form1\" runat=\"server\">
<div>
<asp:TextBox ID=\"TextBox1\" runat=\"server\"></asp:TextBox>
<br />
<asp:Button ID=\"btnPost\" runat=\"server\" Text=\"获取Post数据\"
onclick=\"btnPost_Click\" />
</div>
<asp:Button ID=\"btnGet\" runat=\"server\" Text=\"获取Get数据\" onclick=\"btnGet_Click\" />
</form>
</body>
</html>
分别添加单击事件,如下
protected void btnPost_Click(object sender, EventArgs e)
{
}
protected void btnGet_Click(object sender, EventArgs e)
{
Response.Redirect(\"Default.aspx?a=1&b=2&c=3\");
}
在文本框中输入非法字符串,无论post请求还是get请求,都会被防SQL注入程序所截获
代码如下:
复制代码 代码如下:
using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Text.RegularExpressions;
/// <summary>
///SQLInjectionHelper 的摘要说明
/// </summary>
public class SQLInjectionHelper
{
/// <summary>
/// 获取Post的数据
/// </summary>
/// <param name=\"request\"></param>
/// <returns></returns>
public static bool ValidUrlData(string request)
{
bool result = false;
if (request == \"POST\")
{
for (int i = 0; i < HttpContext.Current.Request.Form.Count; i++)
{
result = ValidData(HttpContext.Current.Request.Form[i].ToString());
if (result)
{
break;
}
}
}
else
{
for (int i = 0; i < HttpContext.Current.Request.QueryString.Count; i++)
{
result = ValidData(HttpContext.Current.Request.QueryString[i].ToString());
if (result)
{
break;
}
}
}
return result;
}
/// <summary>
/// 验证是否存在注入代码
/// </summary>
/// <param name=\"inputData\"></param>
/// <returns></returns>
private static bool ValidData(string inputData)
{
//验证inputData是否包含恶意集合
if (Regex.IsMatch(inputData, GetRegexString()))
{
return true;
}
else
{
return false;
}
}
/// <summary>
/// 获取正则表达式
/// </summary>
/// <returns></returns>
private static string GetRegexString()
{
//构造SQL的注入关键字符
string[] strChar = { \"and\", \"exec\", \"insert\", \"select\", \"update\", \"delete\", \"count\", \"from\", \"drop\", \"asc\", \"or\", \"char\", \"%\", \";\", \":\", \"\\\'\", \"\\\"\", \"-\", \"chr\", \"master\", \"mid\", \"truncate\", \"declare\", \"char\", \"SiteName\", \"/add\", \"xp_cmdshell\", \"net user\", \"net localgroup administrators\", \"exec master.dbo.xp_cmdshell\" };
string str_Regex = \".*(\";
for (int i = 0; i < strChar.Length - 1; i++)
{
str_Regex += strChar[i] + \"|\";
}
str_Regex += strChar[strChar.Length - 1] + \").*\";
return str_Regex;
}
}
有此类后即可使用Global.asax中的Application_BeginRequest(object sender, EventArgs e)事件来实现表单或者URL提交数据的获取,获取后传给SQLInjectionHelper类ValidUrlData方法来完成检查
代码如下
复制代码 代码如下:
protected void Application_BeginRequest(object sender, EventArgs e)
{
bool result = false;
result = SQLInjectionHelper.ValidUrlData(Request.RequestType.ToUpper());
if (result)
{
Response.Write(\"您提交的数据有恶意字符\");
Response.End();
}
}
下面以一个小程序测试:
创建一个页面,如下
复制代码 代码如下:
<%@ Page Language=\"C#\" AutoEventWireup=\"true\" CodeFile=\"Default.aspx.cs\" Inherits=\"_Default\" %>
<!DOCTYPE html PUBLIC \"-//W3C//DTD XHTML 1.0 Transitional//EN\" \"http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd\">
<html xmlns=\"http://www.w3.org/1999/xhtml\">
<head runat=\"server\">
<title></title>
</head>
<body>
<form id=\"form1\" runat=\"server\">
<div>
<asp:TextBox ID=\"TextBox1\" runat=\"server\"></asp:TextBox>
<br />
<asp:Button ID=\"btnPost\" runat=\"server\" Text=\"获取Post数据\"
onclick=\"btnPost_Click\" />
</div>
<asp:Button ID=\"btnGet\" runat=\"server\" Text=\"获取Get数据\" onclick=\"btnGet_Click\" />
</form>
</body>
</html>
分别添加单击事件,如下
复制代码 代码如下:
protected void btnPost_Click(object sender, EventArgs e)
{
}
protected void btnGet_Click(object sender, EventArgs e)
{
Response.Redirect(\"Default.aspx?a=1&b=2&c=3\");
}
在文本框中输入非法字符串,无论post请求还是get请求,都会被防SQL注入程序所截获
图1 测试防SQL注入程序的页面
图2 错误信息
本文地址:https://www.stayed.cn/item/2903
转载请注明出处。
本站部分内容来源于网络,如侵犯到您的权益,请 联系我
我的博客
人生若只如初见,何事秋风悲画扇。
我的标签
随笔档案
- 2024-02(2)
- 2023-06(1)
- 2023-05(1)
- 2023-04(14)
- 2023-03(3)
- 2023-01(6)
- 2022-12(5)
- 2022-11(5)
- 2022-07(2)
- 2022-06(4)
- 2022-05(3)
- 2022-03(1)
- 2021-12(6)
- 2021-11(1)
- 2021-10(3)
- 2021-09(5)
- 2021-07(5)
- 2021-02(2)
- 2021-01(7)
- 2020-12(18)
- 2020-11(14)
- 2020-10(12)
- 2020-09(10)
- 2020-08(22)
- 2020-07(2)
- 2020-06(1)
- 2020-04(5)
- 2020-03(9)
- 2020-02(7)
- 2020-01(9)
- 2019-12(8)
- 2019-11(10)
- 2019-10(11)
- 2019-09(17)
- 2019-08(16)
- 2019-07(6)
- 2019-06(3)
- 2019-04(1)
- 2019-03(8)
- 2019-02(5)
- 2019-01(1)
- 2018-11(2)
- 2018-10(3)
- 2018-09(1)
- 2018-08(3)
- 2018-07(3)
- 2018-06(7)
- 2018-04(4)
- 2018-03(5)
- 2018-02(4)
- 2018-01(22)
- 2017-12(3)
- 2017-11(5)
- 2017-10(15)
- 2017-09(26)
- 2017-08(1)
- 2017-07(3)