SQL注入攻击与防御研究SQL注入攻击与防御研究.doc

二 〇 一 三 年 五 月 摘 要 SQL注入攻击是黑客对数据库进行攻击的常用手段之一。随着B/S模式应用开发的发展，使用这种模式编写应用程序的程序员也越来越多。但是由于程序员的水平及经验也参差不齐，相当大一部分程序员在编写代码的时候，没有对用户输入数据的合法性进行判断，使应用程序存在安全隐患。用户可以提交一段数据库查询代码，根据程序返回的结果，获得某些他想得知的数据，这就是所谓的SQL Injection，即SQL注入。SQL注入是从正常的WWW端口访问，而且表面看起来跟一般的Web页面访问 没什么区别，所以市面的防火墙都不会对SQL注入发出警报，如果管理员没查看ⅡS日志的习惯，可能被入侵很长时间都不会发觉。但是，SQL注入的手法相当灵活，在注入的时候会碰到很多意外的情况，需要构造巧妙的SQL语句，从而成功获取想要的数据。目前有近70%的攻击行为是基于WEB应用，而据CVE的2006年度统计数据显示，SQL注入攻击漏洞呈逐年上升的状态，2006年更是达到了惊人的1078个，而这些还仅限于通用应用程序的漏洞，不包括更为庞大的专业web应用程序所存在的漏洞。 . 关键词：SQL注入攻击；数据库；SQL语句 Abstract SQL injection attack is one of the commonly used means of hacking attacks against the database. With the development of the B/S mode application development, use this mode to write the application programmer is also more and more. But because the programmers level and experience also is uneven, a considerable part of the programmer in writing code, not to judge the legitimacy of the user input data, make the application existence safe hidden trouble. User can submit a database query code, on the basis of the result of the program to return to obtain certain he wants to know, this is the SQL Injection, namely, SQL Injection. SQL injection from normal WWW port access, and the surface looks like a generic Web page access makes no difference, so the market of the firewall will not alert to SQL injection, if the administrator doesnt see Ⅱ S habit of log, invasion may be a long time not found. However, SQL injection technique is quite flexible, at the time of injection will encounter a lot of unexpected situation, constructing the SQL statements for clever, thereby successfully obtain desired data.There are nearly 70% of the applications is a web-based attack behavior, and according to the statistics show that 2006 CVE SQL injection vulnerability is rising year by year, has risen an astonishing 1078, 2006, which is limited to general application vulnerabilities, n