| Web页面中SQL注入攻击过程及防御措施 |
| |
| 引用本文: | 徐书欣,;王希军. Web页面中SQL注入攻击过程及防御措施[J]. 黑龙江电子技术, 2014, 0(8): 187-189 |
| |
| 作者姓名: | 徐书欣, 王希军 |
| |
| 作者单位: | [1]许昌市耕新信息科学研究院,河南许昌461000; [2]许昌职业技术学院,河南许昌461000 |
| |
| 摘 要: | Web页面中的SQL注入攻击是当前黑客最常用的攻击方法,现阐述了SQL注入攻击的定义,根据目前黑客对SQL注入攻击的现状,分析了注入式攻击和SQL注入的原理,对SQL注入攻击的完整过程作了全面剖析,然后针对大多数网站都存在着SQL注入漏洞等过滤和约束不严的问题,从网站管理员和Web应用开发者两个方面给出了防御SQL注入攻击的有效措施。
|
| 关 键 词: | Web SQL注入 攻击过程 防御措施 |
Web page SQL injection attack process and defensive measures |
| |
| Affiliation: | XU Shu-xin, WANG Xi-jun( 1. Xuchang Academy of Farming New Information, Xuchang 461000, Henan Province, China; 2. Xuchang Vocational Technical College, Xuchang 461000, Henan Province, China) |
| |
| Abstract: | SQL injection attack in the Web page is the most common hacker attack method. This paperelaborates the definition of SQL injection attack, according to the current hackers to SQL injection attack, analyzes the injection attack and the principle of SQL injection attack, makes a comprehensive analysis of the complete process of SQL injection attack. Then, for most Web sites, a SQL injectionvulnerability exists, such as filters and constraints are inadequate problem, from both web masters and Web application developers of effective measures to protect against SQL injection attacks is given out. |
| |
| Keywords: | Web SQL injection attack process defensive measures |
| 本文献已被 维普 等数据库收录! |
|
