ASP 防注入整理
當(dāng)前位置:點(diǎn)晴教程→知識管理交流
→『 技術(shù)文檔交流 』
[p]1、sql安全檢測函數(shù) [br]function checkstr(str,strtype) [br]dim strtmp [br]strtmp = "" [br]if strtype ="s" then [br]strtmp = replace(trim(str),"'","''") [br]strtmp = replace(strtmp,";","") [br]elseif strtype="i" then [br]if isnumeric(str)=false then str=false [br]strtmp = str [br]else [br]strtmp = str [br]end if [br]checkstr= strtmp [br]end function[/p]
[p]把這函數(shù)放在你頁面代碼里,你的接收參數(shù)可以這樣寫 [br]<% [br]yxzy=checkstr(request("yxzy"),"s") [br]%>[/p] [p]上面是指字符串型,如果你的參數(shù)是數(shù)字型,比方id [br]<% [br]id=request("id") [br]%> [br]那么安全的,你可以這么寫: [br]yxzy=checkstr(request("yxzy"),"i")[/p] [p]2、過濾用戶名中的非法字符 [br]function dealusername(username_) [br]dim regexpobj [br]dim i,n [br]dim username,tempstr,resultstr[/p] [p]username=trim(username_) [br]set regexpobj=new regexp [br]regexpobj.global = true [br]regexpobj.pattern="^[a-za-z0-9_]+$" '只允許字母、數(shù)字和下劃線 [br]'regexpobj.pattern="^\w+$" '效果同上[/p] [p]resultstr=username [br]n=len(username) [br]for i=1 to n [br]tempstr=mid(username,i,1) [br]if not regexpobj.test(tempstr) then resultstr=replace(resultstr,tempstr,"") [br]next[/p] [p]set regexpobj=nothing [br]dealusername=resultstr [br]end function[/p] [p]3、防注入的安全request函數(shù)[br]function saferequest(paraname,paratype) [br]'--- 傳入?yún)?shù) --- [br]'paraname:參數(shù)名稱-字符型 [br]'paratype:參數(shù)類型-數(shù)字型(1表示以上參數(shù)是數(shù)字,0表示以上參數(shù)為字符)[/p] [p]dim paravalue [br]paravalue=request(paraname) [br]if paratype=1 then [br]if not isnumeric(paravalue) then [br]response.write "參數(shù)" & paraname & "必須為數(shù)字型!" [br]response.end [br]end if [br]else [br]paravalue=replace(paravalue,"'","''") [br]end if [br]saferequest=paravalue [br]end function[/p] [p]4、外部連接進(jìn)入網(wǎng)站[br]<% dim refurl [br]refurl = request.servervariables("http_referer") [br]if refurl <> "" and instr(refurl,request.servervariables("server_name")) = 0 then [br]response.write("進(jìn)入網(wǎng)站首頁") [br]response.end() [br]end if %> [br]防止從外部連接進(jìn)入網(wǎng)站,也可以防止被iframe[/p] [p]5、iis設(shè)置[br]sql注入入侵是根據(jù)iis給出的asp錯誤提示信息來入侵的,如果你把iis設(shè)置成不管出什么樣的asp錯誤,只給出一種錯誤提示信息,即http 500錯誤,那么人家就沒辦法入侵了。具體設(shè)置請參看圖2。主要把500:100這個錯誤的默認(rèn)提示頁面 c:\windows\help\iishelp\common\500-100.asp改成 [br]c:\windows\help\iishelp\common\500.htm即可,這時,無論asp運(yùn)行中出什么錯,服務(wù)器都只提示http 500錯誤。[/p] [p]6、篩選掉不必要的sql語句[br]<% [br]'使用說明:在數(shù)據(jù)庫連接頁(如:conn.asp)或你要防注入的頁頭內(nèi)包含此文件即可。<[url=mailto:!--@include]!--@include[/url] file="cf_sql.asp"-->(將@改為#)[/p] [p][br]dim cfsql_i,cfsql_sqlchr,cfsql_chrcontent [br]cfsql_sqlchr = "select*|and'|or'|insertinto|deletefrom|altertable|update|createtable|createview|dropview|createindex|dropindex|createprocedure|dropprocedure|createtrigger|droptrigger|createschema|dropschema|createdomain|alterdomain|dropdomain|);|select@|declare@|print@|char(|select" [br]cfsql_sqlchrs = split(cfsql_sqlchr,"|")[/p] [p][br]'====================================================== [br]'post方式處理 [br]'====================================================== [br]if request.form<>"" then [br]for each cfsql_chrcontent in request.form [br]for cfsql_i=0 to ubound(cfsql_sqlchrs) [br]select case cfsql_sqlchrs(cfsql_i) [br]case "select"'為避免select的多表關(guān)聯(lián)查詢 [br]if instr(lcase(replace(request.form(cfsql_chrcontent)," ","")),"select")>0 and instr(lcase(replace(request.form(cfsql_chrcontent)," ","")),"from")>0 then [br]call cfsql_prompttitle() [br]end if [br]case "update"'update作額外處理,因update..set.. [br]if instr(lcase(replace(request.form(cfsql_chrcontent)," ","")),"update")>0 and instr(lcase(replace(request.form(cfsql_chrcontent)," ","")),"set")>0 then [br]call cfsql_prompttitle() [br]end if [br]case else [br]if instr(lcase(replace(request.form(cfsql_chrcontent)," ","")),cfsql_sqlchrs(cfsql_i))>0 then [br]call cfsql_prompttitle() [br]end if [br]end select [br]next [br]next [br]end if[/p] [p][br]'====================================================== [br]'get方式處理 [br]'====================================================== [br]if request.querystring<>"" then [br]for each cfsql_chrcontent in request.querystring [br]for cfsql_i=0 to ubound(cfsql_sqlchrs) [br]select case cfsql_sqlchrs(cfsql_i) [br]case "select"'為避免select的多表關(guān)聯(lián)查詢 [br]if instr(lcase(replace(request.querystring(cfsql_chrcontent)," ","")),"select")>0 and instr(lcase(replace(request.querystring(cfsql_chrcontent)," ","")),"from")>0 then [br]call cfsql_prompttitle() [br]end if [br]case "update"'update作額外處理,因update..set.. [br]if instr(lcase(replace(request.querystring(cfsql_chrcontent)," ","")),"update")>0 and instr(lcase(replace(request.querystring(cfsql_chrcontent)," ","")),"set")>0 then [br]call cfsql_prompttitle() [br]end if [br]case else [br]if instr(lcase(replace(request.querystring(cfsql_chrcontent)," ","")),cfsql_sqlchrs(cfsql_i))>0 then [br]call cfsql_prompttitle() [br]end if [br]end select [br]next [br]next [br]end if[/p] [p]%>[/p] 該文章在 2010/7/14 1:02:31 編輯過 |
關(guān)鍵字查詢
相關(guān)文章
正在查詢... 
|
400 186 1886
