# Common methods of preventing SQL injection:
1. Validate the type of every parameter value that the front end passes to the server;
2. When executing SQL on the server, pass values as query parameters instead of concatenating them into the SQL string;
3. Scan the data sent from the front end to the server for SQL keywords;
# This note focuses on the SQL keyword detection performed on the server:
1. The SQL keyword detection class:
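public class SqlInjectHelper : System.Web.UI.Page
{
    // Keyword entries are lower-case; every value is lower-cased before matching, so the
    // query-string and form paths now behave the same (the original form path skipped
    // ToLower and missed upper-case keywords). Blacklist matching is a defense-in-depth
    // measure only; parameterized queries (item 2 above) remain the primary control.
    private static string StrKeyWord = "select|insert|delete|from|count(|drop table|update|truncate|asc(|mid(|char(|xp_cmdshell|exec|master|net local group administrators|net user|or|and";
    private static string StrSymbol = ";|(|)|[|]|{|}|%|@|*|'|!";

    // The Page base class is kept for compatibility; all lookups go through this bound
    // request rather than Page.Request.
    private HttpRequest request;

    /// <summary>Creates a checker bound to the request whose query string and form are inspected.</summary>
    /// <param name="_request">Current HttpRequest object.</param>
    public SqlInjectHelper(System.Web.HttpRequest _request)
    {
        this.request = _request;
    }

    /// <summary>Checks both the query string and the form body of the bound request.</summary>
    /// <returns>true if either contains a listed keyword or symbol; otherwise false.</returns>
    public bool CheckSqlInject()
    {
        return CheckRequestQuery() || CheckRequestForm();
    }

    /// <summary>Checks whether the URL query string contains SQL injection keywords.</summary>
    /// <returns>true if a keyword or symbol is found; otherwise false.</returns>
    public bool CheckRequestQuery()
    {
        return CheckCollection(this.request.QueryString);
    }

    /// <summary>Checks whether the submitted form contains SQL injection keywords.</summary>
    /// <returns>true if a keyword or symbol is found; otherwise false.</returns>
    public bool CheckRequestForm()
    {
        return CheckCollection(this.request.Form);
    }

    /// <summary>
    /// Shared scan for a query-string or form collection: skips the ASP.NET framework fields,
    /// lower-cases each remaining value and runs the keyword/symbol check on it.
    /// </summary>
    /// <param name="values">Collection to scan; null or empty yields false.</param>
    /// <returns>true on the first value that matches; otherwise false.</returns>
    private static bool CheckCollection(System.Collections.Specialized.NameValueCollection values)
    {
        if (values == null || values.Count == 0)
        {
            return false;
        }
        foreach (string sqlParam in values)
        {
            // Framework fields carry encoded control state / an event signature, not user text.
            if (sqlParam == "__VIEWSTATE" || sqlParam == "__EVENTVALIDATION")
            {
                continue;
            }
            string value = values[sqlParam];
            // Invariant lower-casing avoids culture-specific case mappings changing the match.
            if (value != null && CheckKeyWord(value.ToLowerInvariant()))
            {
                return true;
            }
        }
        return false;
    }

    /// <summary>Checks whether a string contains a listed SQL keyword or symbol.</summary>
    /// <param name="_key">The string to check; expected to be lower-cased by the caller.</param>
    /// <returns>true if a space-delimited keyword or any listed symbol is present; otherwise false.</returns>
    private static bool CheckKeyWord(string _key)
    {
        if (string.IsNullOrEmpty(_key))
        {
            return false;
        }
        string[] pattenKeyWord = StrKeyWord.Split('|');
        string[] pattenSymbol = StrSymbol.Split('|');
        foreach (string sqlParam in pattenKeyWord)
        {
            // Substring test: short entries such as "or" and "and" also flag ordinary words
            // ("for ", " band"), so expect false positives on free text.
            if (_key.Contains(sqlParam + " ") || _key.Contains(" " + sqlParam))
            {
                return true;
            }
        }
        foreach (string sqlParam in pattenSymbol)
        {
            if (_key.Contains(sqlParam))
            {
                return true;
            }
        }
        return false;
    }
}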
The SqlInjectHelper class checks the query-string parameters and the form parameters of the request; it does not check cookies, so add that yourself if needed;
2. Where should SqlInjectHelper be called?
1) If every request to the whole web site should go through SQL keyword detection, call it from the Application_BeginRequest method in Global.asax;
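/// <summary>
/// Site-wide check: the query string and form of every request are scanned before any
/// handler runs, and a flagged request is answered here instead of reaching the handler.
/// </summary>
/// <param name="sender">The HttpApplication raising the event.</param>
/// <param name="e">Unused event data.</param>
protected void Application_BeginRequest(object sender, EventArgs e)
{
    SqlInjectHelper myCheck = new SqlInjectHelper(Request);
    bool result = myCheck.CheckSqlInject();
    if (result)
    {
        // Rejected input is a client error; leaving the status at 200 (as the original did)
        // lets callers and monitoring treat the block as a success.
        Response.StatusCode = 400;
        Response.ContentType = "text/plain";
        Response.Write("您提交的数据有恶意字符!");
        // CompleteRequest() skips the rest of the pipeline without the ThreadAbortException
        // that Response.End() raises.
        CompleteRequest();
    }
}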
2) If only a single interface file needs SQL keyword detection, simply call the SqlInjectHelper class at the beginning of that file;
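public class Handler1 : IHttpHandler
{
    /// <summary>Runs the SQL keyword check on the request and reports the verdict as plain text.</summary>
    /// <param name="context">Current HTTP context; its Request is scanned and its Response receives the verdict.</param>
    public void ProcessRequest(HttpContext context)
    {
        SqlInjectHelper myCheck = new SqlInjectHelper(context.Request);
        bool result = myCheck.CheckSqlInject();
        context.Response.ContentType = "text/plain";
        // Rejected client input is a 4xx; the original returned 500, which reads as a server
        // fault to clients and to 5xx-based monitoring.
        context.Response.StatusCode = result ? 400 : 200;
        context.Response.Write(result ? "您提交的数据有恶意字符!" : "");
    }

    /// <summary>A fresh handler instance is created per request; instances are not pooled.</summary>
    public bool IsReusable
    {
        get { return false; }
    }
}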
The code above adds SQL keyword detection to a generic handler (.ashx);
3. Supplement: __VIEWSTATE and __EVENTVALIDATION in ASP.NET,
The SQL keyword detection method excludes these two parameters, __VIEWSTATE and __EVENTVALIDATION;
1) __VIEWSTATE
ViewState is the mechanism ASP.NET uses to preserve the state of web controls across postbacks. When a web form (FORM) is set to runat="server", a hidden field named __VIEWSTATE is appended to the form. The __VIEWSTATE value stores the ViewState of all the controls on the page.
ViewState is a field of the Control class, and all other controls obtain ViewState functionality by inheriting from Control. Its type is System.Web.UI.StateBag, a collection of name/value pairs.
When a page is requested, ASP.NET serializes the state of all controls into a string and sends it to the client as a hidden form field. When the client posts back, ASP.NET parses the returned form field and assigns the corresponding values to the controls;
2) __EVENTVALIDATION
__EVENTVALIDATION is used only to verify that an event was sent from a legitimate page; it is just a digital signature and is generally very short.
The hidden field whose id attribute is "__EVENTVALIDATION" is a new security measure in ASP.NET 2.0. It prevents unauthorized requests that a potentially malicious user might send from the browser;
4. Another version of SQL keyword detection: this version puts all dangerous characters into a single regular expression;
This class detects not only commonly used SQL keywords but also common keywords of XSS attacks
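public class SafeHelper
{
    // One alternation covering SQL keywords (UNION...SELECT, DROP TABLE, ...) and common XSS
    // markers (<script, expression(, alert/confirm/prompt). The entries mix cases
    // (\b(and|or)\b versus \bEXEC\b) while CookieData lower-cased its input, so the
    // upper-case entries could never match a cookie; the cached instance below therefore
    // matches case-insensitively.
    private const string StrRegex = @"<[^>]+?style=[\w]+?:expression\(|\b(alert|confirm|prompt)\b|^\+/v(8|9)|<[^>]*?=[^>]*?&#[^>]*?>|\b(and|or)\b.{1,6}?(=|>|<|\bin\b|\blike\b)|/\*.+?\*/|<\s*script\b|<\s*img\b|\bEXEC\b|UNION.+?SELECT|UPDATE.+?SET|INSERT\s+INTO.+?VALUES|(SELECT|DELETE).+?FROM|(CREATE|ALTER|DROP|TRUNCATE)\s+(TABLE|DATABASE)";

    // Parsed once instead of per call. The match timeout bounds the work done on hostile
    // input: the pattern contains several overlapping lazy quantifiers.
    private static readonly Regex DangerPattern =
        new Regex(StrRegex, RegexOptions.IgnoreCase | RegexOptions.Compiled, TimeSpan.FromMilliseconds(200));

    /// <summary>Scans every form field of the current request.</summary>
    /// <returns>true if any field value matches the pattern; otherwise false.</returns>
    public static bool PostData()
    {
        return CheckCollection(HttpContext.Current.Request.Form);
    }

    /// <summary>Scans every query-string parameter of the current request.</summary>
    /// <returns>true if any parameter value matches the pattern; otherwise false.</returns>
    public static bool GetData()
    {
        return CheckCollection(HttpContext.Current.Request.QueryString);
    }

    /// <summary>Scans every cookie value of the current request.</summary>
    /// <returns>true if any cookie value matches the pattern; otherwise false.</returns>
    public static bool CookieData()
    {
        HttpCookieCollection cookies = HttpContext.Current.Request.Cookies;
        for (int i = 0; i < cookies.Count; i++)
        {
            if (CheckData(cookies[i].Value))
            {
                return true;
            }
        }
        return false;
    }

    /// <summary>
    /// Scans the Referer header of the current request. The raw header is read because
    /// Request.UrlReferrer is null when the header is absent (the original dereferenced it
    /// unconditionally) and throws when the header is not a well-formed URI.
    /// </summary>
    /// <returns>true if the header matches the pattern; false when absent or clean.</returns>
    public static bool referer()
    {
        return CheckData(HttpContext.Current.Request.Headers["Referer"]);
    }

    /// <summary>Tests one string against the dangerous-input pattern.</summary>
    /// <param name="inputData">Value to test; null or empty is never a match.</param>
    /// <returns>true if the pattern matches or matching timed out; otherwise false.</returns>
    public static bool CheckData(string inputData)
    {
        if (string.IsNullOrEmpty(inputData))
        {
            return false;
        }
        try
        {
            return DangerPattern.IsMatch(inputData);
        }
        catch (RegexMatchTimeoutException)
        {
            // Fail closed: input that stalls the matcher is treated as dangerous.
            return true;
        }
    }

    /// <summary>Runs CheckData over each value of a form or query-string collection.</summary>
    /// <param name="values">Collection to scan; null yields false.</param>
    /// <returns>true on the first matching value; otherwise false.</returns>
    private static bool CheckCollection(System.Collections.Specialized.NameValueCollection values)
    {
        if (values == null)
        {
            return false;
        }
        for (int i = 0; i < values.Count; i++)
        {
            if (CheckData(values[i]))
            {
                return true;
            }
        }
        return false;
    }
}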