找回密码
 立即注册
SQLInjectionHelpTestSQLInjectionSQLInjectionThe | 企业管理 2022-09-20 78 0star收藏 版权: . 保留作者信息 . 禁止商业使用 . 禁止修改作品
新开发的项目被注入攻击了,帮她写了一个通用的注入程序,共享出来。原理很简单:使用Global.asax中的Application_BeginRequest(objectsender,EventArgse)事情,终结表单或URL提交数据的获取,然后通过SQLInjectionHelper类终结恶意代码的检测。本代码仅仅考虑到通用性和部署简便性,由于项目现已开发结束,并现已上线,为预防很多修复,才写的这个通用程序
App_Code\SQLInjectionHelper.cs
SQLInjection\TestSQLInjection.aspx
SQLInjection\TestSQLInjection.aspx.cs
Global.asax
.....

(The newly developed project was attacked by injection, so she helped her write a general injection program and shared it. The principle is very simple: use the Application_BeginRequest(objectsender, EventArgse) event in Global.asax to terminate the acquisition of form or URL submission data, and then terminate the detection of malicious code through the SQLInjectionHelper class. This code only takes into account the versatility and ease of deployment. Since the project has now been developed and is now online, this general program was written to prevent many fixes.
App_Code\SQLInjectionHelper.cs
SQLInjection\TestSQLInjection.aspx
SQLInjection\TestSQLInjection.aspx.cs
Global.asax
.....)

[下载]10330006766.rar




上一篇:斩断入Q黑手防黑k攻击(Windows系统防御)
下一篇:IT规划与信息安全规划[1]