SQL注入漏洞檢測原型工具

大小: 10.78MB

文件類型: .zip

金幣: 2

下載: 0 次

發布日期: 2023-10-12
語言: Java
標簽: SQL注入??原型工具??Java??爬蟲??Swing(Java)??

高速下載

資源簡介

一個SQL注入漏洞檢測原型工具，由SQL注入動態檢測工具，SQL漏洞靜態代碼檢測工具，測試用的網站3部分組成。用Java語言實現。運行時需eclipse等IDE支持。可供學習參考。

資源截圖

小圖大圖

代碼片段和文件信息

package?staticTest;

import?java.io.*;
import?java.util.ArrayList;
import?java.util.StringTokenizer;

public?class?Detector?{
	public?static?int?tag?=?1;
	private?File[]?files;

	public?Detector（File[]?files）?{
		this.files?=?files;
	}

	public?String?beginFix（）?throws?IOException?{

		String?reporter?=?““;

		RemoveComments?c?=?new?RemoveComments（）;
		String?fileName;

		for?（int?i?=?0;?i?
			tag?=?1;
			fileName?=?files[i].getPath（）;

			Reader?in?=?new?BufferedReader（new?FileReader（fileName））;
			String?source?=?c.remove（in）;
			in.close（）;

			ArrayList?str1?=?getLine（“prepareStatement“?source）;
			ArrayList?str2?=?getLine（“executeQuery“?source）;

			reporter?+=?checkStatement（str1?fileName）;
			reporter?+=?checkStatement（str2?fileName）;

			if?（tag?==?0）?{
				reporter?+=?“建議使用preparedstatement的setStringsetInt等方法\n\r“;
			}?else?{
				reporter?+=?“文件“?+?fileName?+?“沒有SQL注入漏洞。\n\r“;
			}
			reporter?+=?“\n\r===================\n“;
		}
		return?reporter;
	}

	private?static?String?checkStatement（ArrayList?str?String?fileName）?{

		String?reporter?=?““;

		for?（int?i?=?0;?i?
			int?begin?=?str.get（i）.indexOf（“（“）;
			String?statement?=?str.get（i）.substring（begin?+?1
					str.get（i）.length（）?-?1）;
			StringTokenizer?tokens?=?new?StringTokenizer（statement?“+“）;

			while?（tokens.hasMoreTokens（））?{
				String?word?=?tokens.nextToken（）;
				if?（!word.contains（“\““））?{
					tag?=?0;
					reporter?+=?“文件“?+?fileName?+?“中\n\r“;
					reporter?+=?str.get（i）?+?“\n語句可能會導致程序存在SQL注入漏洞\n“;
				}
			}
		}
		return?reporter;
	}

	private?static?ArrayList?getLine（String?string?String?source）?{

		int?begin?=?0;
		ArrayList?str?=?new?ArrayList（）;
		while?（（begin?=?（source.indexOf（string?begin）?+?1））?!=?0）?{
			int?end?=?source.indexOf（“）“?begin）;
			str.add（source.substring（begin?-?1?end?+?1））;
		}
		return?str;

	}
}

?屬性????????????大小?????日期????時間???名稱
-----------?---------??----------?-----??----
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\CodeSQLTestTool\
?????文件????????1039??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\1.JPG
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\CodeSQLTestTool\lib\
?????文件???????62983??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\lib\activation-1.1.jar
?????文件??????588551??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\lib\appframework-1.0.jar
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\
?????文件????????2074??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\Detector.java
?????文件????????4462??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\FixJDialog.java
?????文件????????7854??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\FixMainDialog.java
?????文件????????5164??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\RemoveComments.java
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\resources\
?????文件???????62983??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\resources\activation-1.1.jar
?????文件??????588551??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\resources\appframework-1.0.jar
?????文件?????????424??2009-06-03?12:21??SQL注入漏洞檢測\Code\CodeSQLTestTool\src\staticTest\resources\FixMainDialog.properties
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\SQLInjection\
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\SQLInjection\lib\
?????文件??????446464??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\lib\mysql-connector-java-3.1.12-bin.jar
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\SQLInjection\src\
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\
?????文件????????2461??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\Delete.java
?????文件????????2899??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\LoginBean.java
?????文件????????2862??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\LoginBean2.java
?????文件????????3067??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\Register.java
?????文件????????1946??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\SearchMan.java
?????文件????????2616??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\src\SQL_Bean\selectAll.java
?????目錄???????????0??2013-11-06?22:36??SQL注入漏洞檢測\Code\SQLInjection\WebRoot\
?????文件????????1597??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\WebRoot\about.jsp
?????文件????????2266??2009-06-03?11:48??SQL注入漏洞檢測\Code\SQLInjection\WebRoot\author.jsp
............此處省略164個文件信息

上一篇：druid-0.2.20
下一篇：Spring 5 Design Patterns-Packt Publishing（2017）.pdf

91av视频/亚洲h视频/操亚洲美女/外国一级黄色毛片 - 国产三级三级三级三级

SQL注入漏洞檢測原型工具

資源簡介

資源截圖

代碼片段和文件信息

評論

相關資源