SQL injection attack and guard technical research
2011; Elsevier BV; Volume: 15; Linguagem: Inglês
10.1016/j.proeng.2011.08.775
ISSN1877-7058
Autores Tópico(s)Web Application Security Vulnerabilities
Resumodue to the various Web server vulnerabilities and procedure of the rigor leads to a Web server script for attacks was increasing, its are mostly through the ASP or PHP scripting injection such as a major attack means, plus Web site rapid expansion of today, based on both the SQL injection also slowly become the mainstream way. Attack SQL injection is to use the insert harmful character attack technology. The attacker using programmers to user input data legitimacy detection not strictly or not detection characteristics, deliberately in a different way from client submit special code to manipulate data, thus collection procedures and server information, obtain the desired information. This paper briefly introduces the concept of SOL injection attack and principle, and the realization process of SQL injection attack, and on this basis describes how to detect SQL injection attack, summarizes the general SQL injection attack prevention methods. And the ASP website platform system injection attack prevention technology examples are analyzed, make prevent SQL injection technology in the practical application of web security system plays a better, more effectively resist hackers and other malicious damage.
Referência(s)