The test method and device of SQL injection attack
Technical field
The embodiments of the present invention relate to computer technology, and in particular to a test method and device for SQL injection attacks.
Background technology
A structured query language (Structured Query Language, hereinafter SQL) injection attack is one in which an attacker inserts SQL commands into the input fields of a web (Web) form or into the query string of a page request, so that when the server of the Web application system executes the query string, it is tricked into executing the malicious SQL commands mixed into that query string. In some forms the content entered by the user is used directly to build dynamic SQL commands, and an attacker can mix "illegal" input into the legitimate user input, or use such "illegal" input as the input parameters of a stored procedure (assuming the stored procedure is also used to build SQL commands), so such forms are particularly susceptible to SQL injection attacks. Once a SQL injection attack has occurred in a Web application system, the attacker can submit a piece of database query code (the code having been mixed into an illegal parameter) to query the database, thereby obtaining sensitive information or even controlling the server of the entire Web application system, with unpredictable consequences for the Web application system.
In the prior art, in order to test the ability of a Web application system to resist SQL injection attacks, the following scheme is used: verification personnel perform code analysis and inspection on the Web application system to be verified, and from this test the Web application system's ability to resist SQL injection attacks. For example, the verification personnel check whether the system code takes measures against SQL injection attacks such as single-quote handling and parameterized statements, or whether the code forbids constructing SQL statements from external input, and from this determine the ability of the Web application system to resist SQL injection attacks.
However, the prior-art method of testing the ability of a Web application system to resist SQL injection attacks requires the verification personnel to inspect all code related to SQL injection attacks, so the testing efficiency is low.
The content of the invention
The embodiments of the present invention provide a test method and device for SQL injection attacks, to solve the technical problem in the prior art that testing a web application system's ability to resist SQL injection attacks is inefficient.
In a first aspect, the embodiments of the present invention provide a test method for SQL injection attacks, including:
a terminal performs a structured query language (SQL) injection attack point determination operation on each uniform resource locator (URL) of a web application, and obtains the SQL injection attack point on each URL; wherein the web application includes at least one URL;
the terminal builds a test case corresponding to each URL according to the SQL injection attack point on each URL;
the terminal tests the web application system for SQL injection attacks according to the test case corresponding to each URL.
With reference to the first aspect, in a first possible implementation of the first aspect, the SQL injection attack point determination operation includes:
the terminal sends the URL to a web application system server, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from a web application system database;
the terminal receives the response result sent by the web application system server according to the URL;
the terminal obtains the SQL statement corresponding to the URL from the web application system database, and determines the SQL injection attack point on the URL according to the SQL statement corresponding to the URL; wherein the SQL statement corresponding to the URL is the SQL statement executed by the web application system server when obtaining the data corresponding to the URL from the web application system database.
With reference to the first possible implementation of the first aspect, in a second possible implementation of the first aspect, the web application includes one URL, which is the entrance URL of the web application system, and the response result carries no URL; the terminal performing the SQL injection attack point determination operation on each URL of the web application and obtaining the SQL injection attack point on each URL then includes:
the terminal obtains the entrance URL;
the terminal performs the SQL injection attack point determination operation on the entrance URL, and obtains the SQL injection attack point on the entrance URL.
With reference to the first possible implementation of the first aspect, in a third possible implementation of the first aspect, the web application includes an entrance URL and at least one first URL, the URL is the entrance URL or a first URL, and the response result carries a first URL to be tested other than the URL; after the terminal receives the response result sent by the web application system server according to the URL, the SQL injection attack point determination operation further includes:
the terminal adds the first URL to be tested to a crawl queue of the terminal.
With reference to the third possible implementation of the first aspect, in a fourth possible implementation of the first aspect, the terminal performing the SQL injection attack point determination operation on each URL of the web application and obtaining the SQL injection attack point on each URL includes:
the terminal obtains the entrance URL, performs the SQL injection attack point determination operation on the entrance URL, and obtains the SQL injection attack point on the entrance URL;
the terminal performs the SQL injection attack point determination operation on each first URL to be tested in the crawl queue of the terminal, and obtains the SQL injection attack point on each first URL to be tested, until the crawl queue is empty.
With reference to the first aspect or any one of the first to fourth possible implementations of the first aspect, in a fifth possible implementation of the first aspect, the terminal building the test case corresponding to each URL according to the SQL injection attack point on each URL includes:
the terminal parses the SQL statement corresponding to each URL, and obtains the information required for a SQL injection attack on each URL;
the terminal builds the test case corresponding to each URL according to the SQL injection attack point on each URL and the information required for a SQL injection attack on each URL.
With reference to any one of the first to fifth possible implementations of the first aspect, in a sixth possible implementation of the first aspect, the terminal determining the SQL injection attack point on the URL according to the SQL statement corresponding to the URL includes:
the terminal obtains the SQL injection attack point on the URL according to a preset strategy, the SQL statement corresponding to the URL, and the URL.
With reference to the first aspect or any one of the first to sixth possible implementations of the first aspect, in a seventh possible implementation of the first aspect, after the terminal builds the test case corresponding to each URL according to the SQL injection attack point on each URL, the method further includes:
the terminal obtains an optimized test case corresponding to each URL;
the terminal testing the web application system for SQL injection attacks according to the test case corresponding to each URL then includes:
the terminal tests the web application system for SQL injection attacks according to the optimized test case corresponding to each URL.
In a second aspect, the embodiments of the present invention provide a test method for SQL injection attacks, including:
a web application system server receives a uniform resource locator (URL) sent by a terminal, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from a web application system database; wherein the web application includes at least one URL;
the web application system server accesses the web application system database according to the URL, and obtains the data corresponding to the URL;
the web application system server sends a response result to the terminal according to the data corresponding to the URL.
In a third aspect, the embodiments of the present invention provide a terminal, including:
an attack point determining module, configured to perform a structured query language (SQL) injection attack point determination operation on each uniform resource locator (URL) of a web application, and obtain the SQL injection attack point on each URL; wherein the web application includes at least one URL;
a test case building module, configured to build a test case corresponding to each URL according to the SQL injection attack point on each URL;
a test module, configured to test the web application system for SQL injection attacks according to the test case corresponding to each URL.
With reference to the third aspect, in a first possible implementation of the third aspect, the attack point determining module specifically includes:
a transmitting unit, configured to send the URL to a web application system server, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from a web application system database;
a receiving unit, configured to receive the response result sent by the web application system server according to the URL;
an attack point determination unit, configured to obtain the SQL statement corresponding to the URL from the web application system database, and determine the SQL injection attack point on the URL according to the SQL statement corresponding to the URL; wherein the SQL statement corresponding to the URL is the SQL statement executed by the web application system server when obtaining the data corresponding to the URL from the web application system database.
With reference to the first possible implementation of the third aspect, in a second possible implementation of the third aspect, the web application includes one URL, which is the entrance URL of the web application system, and the response result carries no URL; the attack point determining module is specifically configured to obtain the entrance URL, perform the SQL injection attack point determination operation on the entrance URL, and obtain the SQL injection attack point on the entrance URL.
With reference to the first possible implementation of the third aspect, in a third possible implementation of the third aspect, the web application includes an entrance URL and at least one first URL, the URL is the entrance URL or a first URL, and the response result carries a first URL to be tested other than the URL; the attack point determining module then further includes:
an adding unit, configured to add the first URL to be tested to a crawl queue of the terminal after the receiving unit receives the response result sent by the web application system server according to the URL.
With reference to the third possible implementation of the third aspect, in a fourth possible implementation of the third aspect, the attack point determining module is specifically configured to obtain the entrance URL, perform the SQL injection attack point determination operation on the entrance URL, and obtain the SQL injection attack point on the entrance URL; and to perform the SQL injection attack point determination operation on each first URL to be tested in the crawl queue of the terminal, and obtain the SQL injection attack point on each first URL to be tested, until the crawl queue is empty.
With reference to the third aspect or any one of the first to fourth possible implementations of the third aspect, in a fifth possible implementation of the third aspect, the test case building module is specifically configured to parse the SQL statement corresponding to each URL, obtain the information required for a SQL injection attack on each URL, and build the test case corresponding to each URL according to the SQL injection attack point on each URL and the information required for a SQL injection attack on each URL.
With reference to any one of the first to fifth possible implementations of the third aspect, in a sixth possible implementation of the third aspect, the attack point determination unit is specifically configured to obtain the SQL injection attack point on the URL according to a preset strategy, the SQL statement corresponding to the URL, and the URL.
With reference to the third aspect or any one of the first to sixth possible implementations of the third aspect, in a seventh possible implementation of the third aspect, the terminal further includes:
an acquisition module, configured to obtain an optimized test case corresponding to each URL;
the test module is then specifically configured to test the web application system for SQL injection attacks according to the optimized test case corresponding to each URL.
In a fourth aspect, the embodiments of the present invention provide a web application system server, including:
a receiving module, configured to receive a uniform resource locator (URL) sent by a terminal, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from a web application system database; wherein the web application includes at least one URL;
an acquisition module, configured to access the web application system database according to the URL, and obtain the data corresponding to the URL;
a sending module, configured to send a response result to the terminal according to the data corresponding to the URL.
In the test method and device for SQL injection attacks provided by the embodiments of the present invention, the terminal performs the SQL injection attack point determination operation on each URL of the web application, obtains the SQL injection attack point on each URL, and builds the test case corresponding to each URL according to the SQL injection attack point on each URL, so that the web application system can be tested for SQL injection attacks according to the test case corresponding to each URL. The technical solution provided by the embodiments of the present invention saves the time that the prior art spends on verifying a web application system's resistance to SQL injection attacks, and improves the efficiency and accuracy of that verification.
Description of the drawings
In order to describe the technical solutions of the embodiments of the present invention or of the prior art more clearly, the drawings needed for describing the embodiments or the prior art are briefly introduced below. Obviously, the drawings described below show only some embodiments of the present invention, and those of ordinary skill in the art can obtain other drawings from these drawings without creative effort.
Fig. 1 is a flow diagram of embodiment one of the test method for SQL injection attacks provided by the present invention;
Fig. 2 is a flow diagram of embodiment two of the test method for SQL injection attacks provided by the present invention;
Fig. 3 is a flow diagram of embodiment three of the test method for SQL injection attacks provided by the present invention;
Fig. 4 is a flow diagram of embodiment four of the test method for SQL injection attacks provided by the present invention;
Fig. 5 is a flow diagram of embodiment five of the test method for SQL injection attacks provided by the present invention;
Fig. 6 is a structure diagram of terminal embodiment one provided by the present invention;
Fig. 7 is a structure diagram of terminal embodiment two provided by the present invention;
Fig. 8 is a structure diagram of terminal embodiment three provided by the present invention;
Fig. 9 is a structure diagram of terminal embodiment four provided by the present invention;
Fig. 10 is a structure diagram of the web application system server embodiment provided by the present invention.
Specific embodiment
To make the objectives, technical solutions and advantages of the embodiments of the present invention clearer, the technical solutions in the embodiments of the present invention are described clearly and completely below with reference to the drawings of the embodiments. Obviously, the described embodiments are only some, not all, of the embodiments of the present invention. All other embodiments obtained by those of ordinary skill in the art on the basis of the embodiments of the present invention without creative effort fall within the protection scope of the present invention.
The terminal involved in this application can be any communication device in a web (Web) application system that can communicate with the web application system server, such as a mobile terminal, a computer or test equipment; a test client is integrated in the terminal and is used to test the web application system's ability to resist structured query language (Structured Query Language, hereinafter SQL) injection attacks.
The web application system server involved in this application can be the server on which the web application and the resources of the web application are deployed; it processes the URLs sent by the terminal and accesses the data corresponding to the web application's resources in the web application system database.
The web application system database involved in this application can be deployed on the above web application system server, or on another server different from the web application system server, as long as it can interact with the web application system server.
Fig. 1 is a flow diagram of embodiment one of the test method for SQL injection attacks provided by the present invention. As shown in Fig. 1, the method includes:
S101: the terminal performs a SQL injection attack point determination operation on each uniform resource locator (Uniform Resource Locator, hereinafter URL) of the web application, and obtains the SQL injection attack point on each URL; wherein the web application includes at least one URL.
Specifically, the terminal obtains the URL of a certain web application. Optionally, the URL of the web application may be entered by a user on the terminal, sent to the terminal by another communication device, or actively obtained by the terminal. A web application can include one or more URLs, and can be an application such as Web QQ, online banking or Taobao.
The terminal performs the SQL injection attack point determination operation on each obtained URL in order to determine the SQL injection attack point on each URL. When carrying out a SQL injection attack on a web application, an attacker generally inserts malicious SQL execution commands into a URL of the web application, so that once the web application system server executes the URL carrying the malicious commands, the security of the web application system is threatened. The terminal therefore needs to perform the SQL injection attack point determination operation to determine, on each URL, the SQL injection attack points that an attacker could exploit.
It should be noted that the above SQL injection attack point determination operation can be an operation in which the terminal and the web application system server interact through the URL to determine the SQL injection attack point, or an operation in which the terminal obtains, from the web application system database, the data corresponding to the URL and the SQL statement corresponding to the URL, and determines the SQL injection attack point by analyzing that SQL statement.
S102: the terminal builds a test case corresponding to each URL according to the SQL injection attack point on each URL.
S103: the terminal tests the web application system for SQL injection attacks according to the test case corresponding to each URL.
Specifically, once the terminal has obtained the SQL injection attack point of each URL of the web application, it builds the test case corresponding to each URL according to each SQL injection attack point. The test cases simulate an attacker attacking the web application system, so the terminal uses the test case corresponding to each URL to test the web application system for SQL injection attacks. Suppose the terminal uses the URL in a test case to access the web application system database: if the access result determined by the terminal includes sensitive information of some user, such as a password, name or address (whereas a normal URL would only obtain public information; for example, when the web application is Taobao, the public information should be Taobao's merchandise information, yet the terminal obtained the user's Taobao password), this shows that the web application system is in fact not resistant to SQL injection attacks.
In the prior art, verification personnel analyze the code of the web application system piece by piece and judge whether the code in the web application system takes measures against SQL injection attacks, in order to verify the web application system's ability to resist SQL injection attacks. The workload is very large, the verification personnel need to inspect all code related to SQL injection attacks, the efficiency is low, and the verification personnel need strong code analysis skills. In addition, when the web application system includes third-party software (such as a certain Microsoft product), the verification personnel cannot know the source code of that third-party software and therefore cannot analyze whether the code takes measures against SQL injection attacks, so the web application system's ability to resist SQL injection attacks cannot be known.
In the technical solution provided by the embodiments of the present invention, however, the terminal obtains all URLs of a certain application in the web application system, determines the SQL injection attack points on these URLs, builds test cases that simulate SQL injection attacks according to the SQL injection attack points determined on all URLs, and uses these test cases to test the web application system's ability to resist SQL injection attacks, without verification personnel having to manually verify and analyze that ability; this saves testing time, improves testing efficiency, and gives high testing accuracy. In addition, for a web application system with an anti-brute-force mechanism, the black-box testing method of the prior art cannot test the web application system's ability to resist SQL injection attacks, whereas with the technical solution of the embodiments of the present invention a simulated attack can be effectively carried out on the web application system to determine its ability to resist SQL injection attacks.
In the test method for SQL injection attacks provided by the embodiments of the present invention, the terminal performs the SQL injection attack point determination operation on each URL of the web application, obtains the SQL injection attack point on each URL, and builds the test case corresponding to each URL according to the SQL injection attack point on each URL, so that the web application system is tested for SQL injection attacks according to the test case corresponding to each URL. The technical solution provided by the embodiments of the present invention saves the time that the prior art spends on verifying a web application system's resistance to SQL injection attacks, and improves the efficiency and accuracy of that verification.
Fig. 2 is a flow diagram of embodiment two of the test method for SQL injection attacks provided by the present invention. This embodiment concerns the detailed process in which the terminal performs the SQL injection attack point determination operation on each URL of the web application. Further, on the basis of the above embodiment, S101 can specifically include:
S201: the terminal sends the URL to the web application system server, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from the web application system database.
Specifically, since the terminal intends to obtain the SQL injection attack point on each URL, i.e. the terminal performs the above SQL injection attack point determination operation on every URL, the following technical solution is described by taking one URL of the web application (denoted 1#URL) as the example on which the SQL injection attack point determination operation is performed:
After obtaining 1#URL of a certain web application, the terminal sends 1#URL to the web application system server. The web application system server is the store of the web application's resources; optionally, when the web application is "Baidu", its resources can be news lists, job lists of Baidu, etc., while the data in those resources is stored in the web application system database. Optionally, the web application system database can be integrated in the web application system server, or can be arranged on another server and provide the data corresponding to the resources of the web application to the web application system server.
After receiving 1#URL, the web application system server determines the resource of the web application corresponding to 1#URL, then accesses the web application system database according to that resource and obtains the data corresponding to the resource of the web application from the web application system database.
It should be noted that the process in which the web application system server accesses the web application system database according to the resource corresponding to 1#URL is actually a process of executing several SQL statements in the web application system database according to 1#URL in order to obtain the corresponding data.
S202: the terminal receives the response result sent by the web application system server according to the URL.
S203: the terminal obtains the SQL statement corresponding to the URL from the web application system database, and determines the SQL injection attack point on the URL according to the SQL statement corresponding to the URL; wherein the SQL statement corresponding to the URL is the SQL statement executed by the web application system server when obtaining the data corresponding to the URL from the web application system database.
Specifically, after the web application system server obtains the data corresponding to 1#URL from the web application system database, it sends a response result to the terminal; the response result can carry the data corresponding to 1#URL.
Further, the terminal obtains the several SQL statements that the web application system server executed in the web application system database in order to obtain the data corresponding to 1#URL; these SQL statements are the SQL statements corresponding to 1#URL. The terminal then analyzes these SQL statements and determines the SQL injection attack point on 1#URL.
It should be noted that there is no ordering restriction between S202 and S203, i.e. S202 can also be performed after S203.
In summary, this is how the terminal determines the SQL injection attack point on 1#URL. For every other URL of the web application, the terminal likewise determines the SQL injection attack point on that URL according to the embodiment shown in Fig. 2.
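As an added example that is not part of the patent, the following Python simulates the determination operation of S201 to S203 together with the crawl-queue variant of the summary (entrance URL first, response links added to a crawl queue, processed until the queue is empty). The "server", its URLs and its SQL log are all constructed inline; a query parameter is reported as a candidate SQL injection attack point when its value was copied verbatim into a statement the server executed, which is the kind of analysis the text describes without stating a concrete rule.

```python
"""Offline simulation of the crawl-and-analyse procedure (constructed example)."""
from collections import deque
from urllib.parse import parse_qsl, urlparse

# Constructed fake web application system: URL -> (links carried in the response
# result, SQL statements recorded in the SQL log for that request).
# "id" on /item is copied into SQL (candidate attack point); "page" on /list is
# bound with a placeholder and never appears in the log.
FAKE_SERVER = {
    "http://shop.example/": (
        ["http://shop.example/list?page=2", "http://shop.example/item?id=17"],
        ["SELECT id, name FROM items ORDER BY id LIMIT 20"],
    ),
    "http://shop.example/list?page=2": (
        ["http://shop.example/item?id=42", "http://shop.example/"],
        ["SELECT id, name FROM items ORDER BY id LIMIT 20 OFFSET ?"],
    ),
    "http://shop.example/item?id=17": (
        [],
        ["SELECT * FROM items WHERE id = 17",
         "SELECT text FROM reviews WHERE item_id = '17' ORDER BY ts"],
    ),
    "http://shop.example/item?id=42": (
        [],
        ["SELECT * FROM items WHERE id = 42"],
    ),
}


def fetch(url):
    """Stand-in for S201/S202: send the URL, receive the response result (its links)."""
    links, _ = FAKE_SERVER[url]
    return links


def sql_log_for(url):
    """Stand-in for S203: read the SQL statements the server executed for this URL."""
    _, statements = FAKE_SERVER[url]
    return statements


def occurrences(text, sub):
    """Yield every start index of sub in text."""
    i = text.find(sub)
    while i != -1:
        yield i
        i = text.find(sub, i + 1)


def find_injection_points(url, statements):
    """Map each query parameter whose value appears verbatim in an executed SQL
    statement to the contexts it appears in: 'quoted' (inside single quotes) or
    'bare' (unquoted, e.g. a numeric literal). Parameters that never appear are
    assumed to be bound and are not reported."""
    points = {}
    for name, value in parse_qsl(urlparse(url).query):
        if not value:
            continue
        for stmt in statements:
            for start in occurrences(stmt, value):
                end = start + len(value)
                before = stmt[start - 1] if start > 0 else ""
                after = stmt[end] if end < len(stmt) else ""
                # Skip matches that are part of a longer token ("2" inside "20").
                if before.isalnum() or before == "_" or after.isalnum() or after == "_":
                    continue
                ctx = "quoted" if before == "'" and after == "'" else "bare"
                points.setdefault(name, set()).add(ctx)
    return {k: sorted(v) for k, v in points.items()}


def crawl_and_analyse(entrance_url):
    """Process the entrance URL, then every URL discovered in responses, until the
    crawl queue is empty. Returns {url: injection points found on that URL}."""
    queue, seen, result = deque([entrance_url]), {entrance_url}, {}
    while queue:
        url = queue.popleft()
        for link in fetch(url):           # first URLs to be tested -> crawl queue
            if link not in seen:
                seen.add(link)
                queue.append(link)
        result[url] = find_injection_points(url, sql_log_for(url))
    return result


if __name__ == "__main__":
    for url, pts in crawl_and_analyse("http://shop.example/").items():
        print(url, "->", pts or "no attack point found")
```

A real deployment would replace fetch() with an HTTP request and sql_log_for() with the database's SQL log interface or log file, as S304 describes; the analysis step is unchanged.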
Fig. 3 is a flow diagram of embodiment three of the test method for SQL injection attacks provided by the present invention. On the basis of the above embodiments, this embodiment concerns the detailed process in which, when the web application includes one URL and that URL is the entrance URL of the web application, the terminal builds the test case corresponding to the URL from the SQL injection attack point determined on the URL, and tests the web application system's ability to resist SQL injection attacks according to that test case. As shown in Fig. 3, the method includes:
S301: the terminal obtains the entrance URL of the web application.
Specifically, the web application in this embodiment includes only one entrance URL. Optionally, the entrance URL of the web application may be entered by a user on the terminal, or sent to the terminal by another communication device.
S302: the terminal sends the entrance URL to the web application system server, the entrance URL being used to instruct the web application system server to obtain the data corresponding to the entrance URL from the web application system database.
Specifically, after obtaining the entrance URL, the terminal sends it to the web application system server. The web application system server is the store of the web application's resources, and the data in those resources is stored in the web application system database. Optionally, the web application system database can be integrated in the web application system server, or can be arranged on another server and provide the data corresponding to the resources of the web application to the web application system server.
After receiving the entrance URL, the web application system server determines the resource of the web application corresponding to the entrance URL, then accesses the web application system database according to that resource and obtains the data corresponding to the resource of the web application from the web application system database, i.e. determines the data corresponding to the entrance URL.
It should be noted that the process in which the web application system server accesses the web application system database according to the resource corresponding to the entrance URL is actually a process of executing several SQL statements in the web application system database according to the entrance URL in order to obtain the data corresponding to the entrance URL.
S303: the terminal receives the response result sent by the web application system server according to the entrance URL.
Specifically, after receiving the response result sent by the web application system server, the terminal parses it and learns that the response result carries no URL, i.e. the terminal learns that the web application includes only one URL and that the following operations only need to be performed on the entrance URL. Optionally, the response result can carry the data corresponding to the entrance URL.
S304: The terminal obtains the SQL statement corresponding to the entrance URL from the web application system database, and determines the SQL injection attack point on the entrance URL according to that SQL statement; the SQL statement corresponding to the entrance URL is the SQL statement executed by the web application system server when obtaining the data corresponding to the entrance URL from the web application system database.
Specifically, the SQL statement executed by the web application system server in the web application system database to obtain the data corresponding to the entrance URL is stored in the SQL log of the web application system database; moreover, before the web application system server accesses the web application system database according to the entrance URL, the SQL log is empty. When the web application system server accesses the web application system database according to the entrance URL, it executes the SQL statement corresponding to the entrance URL (one statement or several) in order to obtain the data corresponding to the entrance URL, and that SQL statement is saved into the SQL log. When the web application system database is integrated on the web application system server, the terminal can obtain the SQL statement corresponding to the entrance URL from the SQL log by calling the SQL log interface of the web application system database. When the web application system database is integrated on another server, the terminal can, according to the version and type of the web application system database, learn the location at which the SQL log is stored as a file on that other server, access the file according to that location information, and so obtain the SQL statement corresponding to the entrance URL.
After the terminal obtains the SQL statement corresponding to the entrance URL, it obtains the SQL injection attack point on the entrance URL according to its own preset strategy, the SQL statement corresponding to the entrance URL and the entrance URL. The preset strategy can be: the terminal determines the SQL injection attack point on the entrance URL according to the positions of the parameters that are common to the entrance URL and to the SQL statement corresponding to the entrance URL.
S305: The terminal builds the test case corresponding to the entrance URL according to the SQL injection attack point on the entrance URL.
Specifically, after the terminal obtains the SQL statement corresponding to the entrance URL, it parses that SQL statement and obtains the information needed for an SQL injection attack on the entrance URL; this information can be the database table, fields and values needed for the SQL injection attack on the entrance URL. Then, according to the SQL injection attack point on the entrance URL and the information needed for the SQL injection attack on the entrance URL, the terminal builds the test case corresponding to the entrance URL.
S306: The terminal tests the SQL injection attack of the web application system according to the test case corresponding to the entrance URL.
In order to better illustrate the technical solution of this embodiment, a simple example is given here:
Example one: Assume that the entrance URL obtained by the terminal is "http://192.168.1.2/search/user?Condition=greater&age=20". After performing S301 to S304, the SQL statement corresponding to the entrance URL that the terminal obtains is "SELECT name, age, location FROM users WHERE age>20". The terminal parses that SQL statement and obtains the information needed for an SQL injection attack on the entrance URL, which includes: the table name users, the field names name, age and location, and the parameter "age=20" of the entrance URL. The terminal compares the entrance URL with its corresponding SQL statement and determines that the position of the SQL injection attack point corresponding to the entrance URL is the position of "20" in the entrance URL; parameter replacement can be performed at this position, i.e. it is the position at which an attacker can most easily insert malicious instructions.
Then, according to the SQL injection attack point determined for the entrance URL, the terminal replaces "20" with the preset content "999 union select name, age, location from users", so that the attack SQL statement finally produced becomes "SELECT name, age, location FROM users WHERE age>999 union select name, age, location from users". This forms the test case corresponding to the entrance URL (that is, the attack URL and the attack SQL statement in Table 1). See Table 1:
Table 1
Finally, the terminal tests the SQL injection attack of the web application system with the test case.
With the test method of SQL injection attack provided in this embodiment of the present invention, the terminal performs the SQL injection attack point determination operation on the entrance URL of the web application, obtains the SQL injection attack point on the entrance URL, builds the test case corresponding to the entrance URL according to that attack point, and thus tests the SQL injection attack of the web application system according to the test case corresponding to the entrance URL. The technical solution provided in this embodiment of the present invention saves the testing time that the prior art spends on verifying a web application system's resistance to SQL injection attack, and improves the testing efficiency and testing precision of verifying a web application system's resistance to SQL injection attack.
Fig. 4 is a flow diagram of embodiment four of the test method of SQL injection attack provided by the present invention. On the basis of embodiment one and embodiment two above, this embodiment describes the detailed process by which, when the web application includes an entrance URL and at least one first URL, the terminal builds the test case corresponding to each URL according to the SQL injection attack point determined on each URL, and tests the web application system's resistance to SQL injection attack according to each test case. As shown in Fig. 4, the method includes:
S401: The terminal obtains the entrance URL of the web application.
Specifically, the entrance URL of the web application may be input by a user at the terminal, sent to the terminal by another communication device, or actively obtained by the terminal.
S402: The terminal sends the entrance URL to the web application system server; the entrance URL is used to instruct the web application system server to obtain the data corresponding to the entrance URL from the web application system database.
Specifically, refer to the detailed process of S302 above; details are not repeated here.
S403: The terminal receives the response result that the web application system server sends according to the entrance URL.
Specifically, after the terminal receives the response result sent by the web application system server, it parses the response result and learns which first URLs to be tested the response result carries in addition to the entrance URL. The first URLs to be tested here may be all of the first URLs in the web application, or only part of them.
When the terminal determines that the response result carries URLs to be tested other than the entrance URL, the terminal learns that the web application includes at least one first URL besides the entrance URL, and a test case must be built for each URL.
S404: The terminal adds the first URLs to be tested to the crawl queue of the terminal.
S405: The terminal obtains the SQL statement corresponding to the entrance URL from the web application system database, and determines the SQL injection attack point on the entrance URL according to that SQL statement; the SQL statement corresponding to the entrance URL is the SQL statement executed by the web application system server when obtaining the data corresponding to the entrance URL from the web application system database.
Specifically, refer to the description of S304 above; details are not repeated here.
S406: For each first URL to be tested in the crawl queue, the terminal performs steps S402 to S405 and obtains the SQL injection attack point on that first URL to be tested, until the crawl queue is empty.
In order to better illustrate this cyclic process, a simple example is given here:
Example two: Assume that the web application includes 4 URLs, namely URL1, URL2, URL3 and URL4, where URL1 is the entrance URL of the web application and URL2, URL3 and URL4 are first URLs to be tested. When the terminal determines the SQL injection attack point corresponding to URL1, it parses the response result corresponding to URL1, which includes URL2 and URL3 of the web application, and stores URL2 and URL3 in the crawl queue. That is, the terminal performs steps S402 to S405 above on URL1.
Further, the terminal reads URL2 out of the crawl queue and performs steps S402 to S405 above on URL2; here it is only necessary to replace the entrance URL in steps S402 to S405 with URL2 (the entrance URL can be replaced with any one first URL to be tested). After performing steps S402 to S405, the terminal determines the SQL injection attack point on URL2, and the response result that the web application system server sends to the terminal includes URL4, which the terminal adds to the crawl queue. Optionally, the response result may carry the data corresponding to URL2. After the terminal determines the SQL injection attack point on URL2, URL2 is removed from the crawl queue.
Further, the terminal reads URL3 out of the crawl queue and performs steps S402 to S405 above on URL3; here it is only necessary to replace the entrance URL in steps S402 to S405 with URL3 (the entrance URL can be replaced with any one first URL to be tested). After performing steps S402 to S405, the terminal determines the SQL injection attack point on URL3, and the terminal determines that the response result sent by the web application system server carries no further URL to be tested, so the terminal learns that all URLs included in the web application have been added to the crawl queue. Optionally, the response result may carry the data corresponding to URL3. After the terminal determines the SQL injection attack point on URL3, URL3 is removed from the crawl queue.
Further, the terminal reads URL4 out of the crawl queue and performs steps S402 to S405 above on URL4; here it is only necessary to replace the entrance URL in steps S402 to S405 with URL4 (the entrance URL can be replaced with any one first URL to be tested). After performing steps S402 to S405, the terminal determines the SQL injection attack point on URL4, and the terminal determines that the response result sent by the web application system server carries no further first URL to be tested, so the terminal learns that all URLs included in the web application have been added to the crawl queue. Optionally, the response result may carry the data corresponding to URL4. After the terminal determines the SQL injection attack point on URL4, URL4 is removed from the crawl queue, and the terminal then determines that the crawl queue is empty.
S407: The terminal builds the test case corresponding to each URL according to the SQL injection attack point on each URL in the web application.
Specifically, following example two above, the terminal now needs to build the test cases corresponding to URL1, URL2, URL3 and URL4 respectively. For the specific process of building a test case, refer to S305 in embodiment three and example one in embodiment three.
S408: The terminal tests the SQL injection attack of the web application system according to the test case corresponding to each URL.
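The terminal-side procedure of S401 to S408, together with the attack point location of S304, the test case construction of S305 and example one, as an added example that is not part of the patent. It runs the crawl loop of example two against a simulated web application system server; that server, its SQL log, its link structure and the URLs URL2 to URL4 are constructed here, and the entrance URL is the one of example one with the "?" before the query string assumed. The matching rule in find_injection_points is the comparison the patent describes (a query parameter whose value reappears in the executed SQL statement), and run_tests generalizes the test of S408 a little beyond the text: a URL is judged vulnerable only when the server actually executed the predicted attack SQL statement, judged to have resisted when the server rejected the input, and reported as having no attack point when the executed statement carries no parameter value at all, which is what a server using bound parameters produces.

```python
"""Terminal side of the patent's method (S401 to S408), as an added example.

Everything marked "constructed" is an assumption for illustration, not data
from the patent: the fake server, its link structure and URL2 to URL4.
"""
import re
from collections import deque
from urllib.parse import parse_qsl, urlparse

# Preset replacement content taken from example one of the patent.
PRESET_PAYLOAD = "999 union select name, age, location from users"

# Entrance URL of example one ('?' before the query string is assumed);
# URL2 to URL4 are constructed to mirror the link structure of example two.
URL1 = "http://192.168.1.2/search/user?Condition=greater&age=20"
URL2 = "http://192.168.1.2/user/profile?id=7"
URL3 = "http://192.168.1.2/news/list?page=2"
URL4 = "http://192.168.1.2/user/location?uid=5"

# Constructed web application: path -> (statement the server executes, input
# validator or None, first URLs carried in the response result).  URL3's server
# code casts its parameter to int; URL4's binds the value, so the statement
# written to the SQL log never contains it.
FAKE_APP = {
    "/search/user":   ("SELECT name, age, location FROM users WHERE age>{age}", None, [URL2, URL3]),
    "/user/profile":  ("SELECT name, location FROM users WHERE id={id}", None, [URL4]),
    "/news/list":     ("SELECT title FROM news LIMIT 10 OFFSET {page}", int, []),
    "/user/location": ("SELECT location FROM users WHERE id=?", None, []),
}


def fake_server(url):
    """Simulated web application system server (S402/S403): returns the SQL log
    written while answering the URL and the links in its response result."""
    parsed = urlparse(url)
    template, validator, links = FAKE_APP[parsed.path]
    params = dict(parse_qsl(parsed.query))
    if validator is not None:
        try:
            params = {k: str(validator(v)) for k, v in params.items()}
        except ValueError:
            return [], links          # input rejected: nothing reached the database
    return [template.format(**params)], links


def find_injection_points(url, sql_statements):
    """Preset strategy of S304: a query parameter whose value reappears as a
    standalone token in an executed statement marks an SQL injection attack
    point.  Each point records the value's position in the URL and in the SQL."""
    points = []
    for name, value in parse_qsl(urlparse(url).query):
        in_sql = re.compile(r"(?<!\w)" + re.escape(value) + r"(?!\w)")
        for stmt in sql_statements:
            hit = in_sql.search(stmt)
            in_url = re.search(r"[?&]" + re.escape(name + "=" + value), url)
            if hit is None or in_url is None:   # no match, or value was URL-encoded
                continue
            points.append({"param": name, "value": value,
                           "url_pos": in_url.start() + len(name) + 2,
                           "sql": stmt, "sql_pos": hit.start()})
            break
    return points


def build_test_case(url, point, payload=PRESET_PAYLOAD):
    """S305: replace the value at the attack point with the preset content in
    both the URL and the statement, giving the attack URL / attack SQL pair."""
    n = len(point["value"])
    u, s = point["url_pos"], point["sql_pos"]
    return {"url": url, "param": point["param"],
            "attack_url": url[:u] + payload + url[u + n:],
            "attack_sql": point["sql"][:s] + payload + point["sql"][s + n:]}


def crawl(entrance_url, server=fake_server):
    """S401 to S407: work through the crawl queue breadth-first.  A seen-set is
    added so that pages linking back to earlier pages cannot loop forever."""
    queue, seen, test_cases = deque([entrance_url]), {entrance_url}, {}
    while queue:
        url = queue.popleft()
        sql_log, links = server(url)                                   # S402/S403
        points = find_injection_points(url, sql_log)                   # S405
        test_cases[url] = [build_test_case(url, p) for p in points]    # S407
        for link in links:                                             # S404
            if link not in seen:
                seen.add(link)
                queue.append(link)
    return test_cases


def run_tests(test_cases, server=fake_server):
    """S408: send each attack URL and read the statement the server executed.
    'vulnerable' means the server ran exactly the predicted attack SQL (it
    concatenated the input); 'resisted' means it did not."""
    verdicts = {}
    for url, cases in test_cases.items():
        if not cases:
            verdicts[url] = "no attack point"
            continue
        executed = [stmt for case in cases for stmt in server(case["attack_url"])[0]]
        verdicts[url] = "vulnerable" if any(c["attack_sql"] in executed for c in cases) else "resisted"
    return verdicts


if __name__ == "__main__":
    cases = crawl(URL1)
    for url, verdict in run_tests(cases).items():
        print(verdict, url)
```

The attack URL is built with the preset content unencoded, as Table 1 of the patent shows it; parse_qsl on the simulated server side copes with the spaces and commas, while a real client would percent-encode the value before sending it. Against a real web application system the two places where fake_server is called would be replaced by an HTTP request plus a read of the database SQL log, which is exactly the split the patent makes between S402/S403 and S405.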
With the test method of SQL injection attack provided in this embodiment of the present invention, the terminal performs the SQL injection attack point determination operation on each URL of the web application, obtains the SQL injection attack point on each URL, builds the test case corresponding to each URL according to that attack point, and thus tests the SQL injection attack of the web application system according to the test case corresponding to each URL. The technical solution provided in this embodiment of the present invention saves the testing time that the prior art spends on verifying a web application system's resistance to SQL injection attack, and improves the testing efficiency and testing precision of verifying a web application system's resistance to SQL injection attack.
Further, in order to improve the precision of testing a web application system's resistance to SQL injection attack, on the basis of the embodiments illustrated in Fig. 1 to Fig. 4 above, after S102, S305 or S407 the method further includes: the terminal obtains the optimized test case corresponding to each URL.
Specifically, after the terminal has built a test case for each URL of the web application, these test cases are optimized; optionally, the optimization can be a calibration, or verification personnel can optimize the test cases, so that the terminal tests the SQL injection attack of the web application system according to the optimized test case corresponding to each URL.
With the test method of SQL injection attack provided in this embodiment of the present invention, the test cases built by the terminal are optimized, and the optimized test cases are used to test the web application system's resistance to SQL injection attack, which improves the testing precision of the web application system's resistance to SQL injection attack.
Fig. 5 is a flow diagram of embodiment five of the test method of SQL injection attack provided by the present invention. As shown in Fig. 5, the method includes:
S501: The web application system server receives the URL sent by the terminal; the URL is used to instruct the web application system server to obtain the data corresponding to the URL from the web application system database; the web application includes at least one URL.
Specifically, the terminal obtains a URL of a certain web application and sends the obtained URL to the web application system server. Optionally, the URL of the web application may be input by a user at the terminal, sent to the terminal by another communication device, or actively obtained by the terminal. The web application may be an application such as web QQ, online banking or Taobao. The web application system server is the memory that stores the resources of the web application; optionally, when the web application is "Baidu", the resources of the web application may be the Baidu news list and similar lists, while the data in the resources of the web application are stored in the web application system database. Also, optionally, the web application system database may be integrated on the web application system server, or it may be deployed on another server that provides the data corresponding to the resources of the web application to the web application system server.
It should be noted that the web application may include at least one URL, and the operations performed by the terminal are the same for each URL of the web application.
S502: The web application system server accesses the web application system database according to the URL and obtains the data corresponding to the URL.
Specifically, after receiving the URL, the web application system server determines the resource of the web application corresponding to the URL; then, according to that resource, it accesses the web application system database and obtains from it the data corresponding to the resource of the web application, that is, the data corresponding to the URL.
It should be noted that the process in which the web application system server accesses the web application system database according to the resource corresponding to the URL is in fact a process in which several SQL statements are executed in the web application system database according to the URL, so as to obtain the corresponding data.
S503: The web application system server sends a response result to the terminal according to the data corresponding to the URL.
Specifically, after obtaining the data corresponding to the URL from the web application system database, the web application system server sends the response result to the terminal.
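The server side of S501 to S503 for the request of example one, as an added example that is not part of the patent. A minimal web application system server answers the entrance URL from an in-memory SQLite database, and the SQL log that the terminal reads in S304 is modelled with the sqlite3 module's trace callback, which records every statement the database engine actually executes. The users table, its rows, the two request handlers and the check_attack_point helper are constructed here; the entrance URL, the preset content and the attack SQL statement are those of example one, with the "?" before the query string assumed. The handler that concatenates the parameter is the one the patent's test is meant to expose; the handler that binds it is shown beside it so the difference in the SQL log is visible.

```python
"""Server side of the patent's method (S501 to S503), as an added example.

The table contents and both handlers are constructed for illustration; the
URL, preset content and attack SQL statement come from example one.
"""
import sqlite3
from urllib.parse import parse_qsl, urlparse

# Values from example one of the patent ('?' before the query string is assumed).
ENTRANCE_URL = "http://192.168.1.2/search/user?Condition=greater&age=20"
PRESET_PAYLOAD = "999 union select name, age, location from users"
ATTACK_URL = ENTRANCE_URL.replace("age=20", "age=" + PRESET_PAYLOAD)
ATTACK_SQL = "SELECT name, age, location FROM users WHERE age>" + PRESET_PAYLOAD


def make_database():
    """Constructed users table; the rows are sample data, not from the patent."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, age INTEGER, location TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?, ?)",
                     [("alice", 34, "Berlin"), ("bob", 19, "Lyon"), ("carol", 52, "Oslo")])
    conn.commit()
    return conn


class WebAppServer:
    """S501 to S503.  sql_log plays the role of the database SQL log and is
    emptied before every request, as the patent assumes for S304."""

    def __init__(self, parameterized):
        self.conn = make_database()
        self.parameterized = parameterized
        self.sql_log = []
        # The engine reports each statement it runs; that is our SQL log interface.
        self.conn.set_trace_callback(self.sql_log.append)

    def handle(self, url):
        """Receive the URL (S501), run the statement (S502), return the rows
        that make up the response result (S503)."""
        self.sql_log.clear()
        age = dict(parse_qsl(urlparse(url).query)).get("age", "0")
        if self.parameterized:
            # Hardened handler: the value is bound, so it can only ever be data.
            cur = self.conn.execute(
                "SELECT name, age, location FROM users WHERE age>?", (age,))
        else:
            # Vulnerable handler: the value becomes part of the statement text.
            cur = self.conn.execute(
                "SELECT name, age, location FROM users WHERE age>" + age)
        return cur.fetchall()


def check_attack_point(server, attack_url=ATTACK_URL, attack_sql=ATTACK_SQL):
    """The terminal's S306 check against this server: send the attack URL, then
    read the SQL log.  The server is judged vulnerable only if the statement it
    executed is exactly the attack SQL statement of the test case; a handler
    that binds the value logs a different statement and returns no rows."""
    rows = server.handle(attack_url)
    return {"executed": list(server.sql_log),
            "vulnerable": attack_sql in server.sql_log,
            "rows": len(rows)}


if __name__ == "__main__":
    for label, server in (("concatenated", WebAppServer(parameterized=False)),
                          ("parameterized", WebAppServer(parameterized=True))):
        print(label, server.handle(ENTRANCE_URL), server.sql_log)
        print(label, check_attack_point(server))
```

For the benign entrance URL both handlers return the same two rows, so the response result alone does not reveal which one the server uses; it is the SQL log, read in S304, that shows whether the value "20" was concatenated into the statement text, and it is the log after the attack URL that shows whether the preset content was executed as SQL (three rows come back, every user) or merely compared as a string (no rows). A production database exposes the same information through its general query log or statement trace rather than a Python callback.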
If the web application includes only one URL and that URL is the entrance URL, the response result obtained by the web application server carries only the data corresponding to the entrance URL. After receiving the response result, the terminal parses it and learns that the web application includes only the entrance URL, so the terminal analyzes only the SQL statement corresponding to the entrance URL, determines the SQL injection attack point on the entrance URL, determines the test case corresponding to the entrance URL according to that attack point, and verifies the web application system's resistance to SQL injection attack according to the test case. For details, refer to the terminal embodiment shown in Fig. 3 above; details are not repeated here.
If the web application includes multiple URLs, namely one entrance URL and at least one first URL, the response result obtained by the web application server may carry the data corresponding to the entrance URL together with a part of the first URLs to be tested; it may carry the data corresponding to some first URL together with other first URLs to be tested that differ both from that first URL and from the first URLs to be tested already in the crawl queue; or it may carry only the data corresponding to some first URL (this is the situation in which all URLs of the web application have already been added to the crawl queue). After receiving the response result, the terminal parses it and determines whether it carries any first URL to be tested (there may be one or several). If it does, the terminal adds the first URLs to be tested carried in the response result to the crawl queue, analyzes the SQL statement corresponding to the URL currently sent to the web application server, and determines the SQL injection attack point on that URL; then the terminal continues to read any first URL to be tested from the crawl queue, performs the same process, determines the SQL injection attack point on that first URL, and determines whether the other first URLs to be tested carried in the response result (which differ from the first URLs to be tested already added to the crawl queue and belong to another part of the web application's first URLs to be tested) are to be added to the crawl queue. By analogy, the terminal performs similar operations on each URL of the web application until the crawl queue is empty, thereby determining the SQL injection attack point on each URL. Finally, the terminal determines the test case corresponding to each URL according to the SQL injection attack point on each URL, and verifies the web application system's resistance to SQL injection attack according to these test cases. For details, refer to the embodiment of the terminal shown in Fig. 4 above; details are not repeated here.
With the test method of SQL injection attack provided in this embodiment of the present invention, the web application server receives the URL sent by the terminal, accesses the web application system database according to the URL, obtains the data corresponding to the URL, and sends a response result to the terminal according to that data, so that the terminal can determine the SQL statement corresponding to the URL after the web application system has obtained the data corresponding to the URL, obtain the SQL injection attack point on the URL according to that SQL statement, build the test case corresponding to the URL according to the determined SQL injection attack point, and thus test the SQL injection attack of the web application system according to the test case. The technical solution provided in this embodiment of the present invention saves the testing time that the prior art spends on verifying a web application system's resistance to SQL injection attack, and improves the testing efficiency and testing precision of verifying a web application system's resistance to SQL injection attack.
Those of ordinary skill in the art will appreciate that all or part of the steps of the method embodiments above can be carried out by hardware under the control of program instructions. The program can be stored in a computer-readable storage medium; when executed, the program performs the steps of the method embodiments above. The storage medium includes various media that can store program code, such as ROM, RAM, a magnetic disk or an optical disc.
Fig. 6 is a structure diagram of terminal embodiment one provided by the present invention. A test client can be integrated in the terminal. As shown in Fig. 6, the terminal includes: an attack point determining module 10, a test case building module 11 and a test module 12.
The attack point determining module 10 is configured to perform the structured query language (SQL) injection attack point determination operation on each uniform resource locator (URL) of the web application and obtain the SQL injection attack point on each URL, the web application including at least one URL; the test case building module 11 is configured to build the test case corresponding to each URL according to the SQL injection attack point on each URL; the test module 12 is configured to test the SQL injection attack of the web application system according to the test case corresponding to each URL.
The terminal provided in this embodiment of the present invention can perform the method embodiments above; its implementation principle and technical effect are similar, and details are not repeated here.
Fig. 7 is a structure diagram of terminal embodiment two provided by the present invention. On the basis of the embodiment shown in Fig. 6 above, the attack point determining module 10 further includes: a sending unit 101, configured to send the URL to the web application system server, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from the web application system database; a receiving unit 102, configured to receive the response result that the web application system server sends according to the URL; and an attack point determination unit 103, configured to obtain the SQL statement corresponding to the URL from the web application system database and determine the SQL injection attack point on the URL according to that SQL statement, the SQL statement corresponding to the URL being the SQL statement executed by the web application system server when obtaining the data corresponding to the URL from the web application system database.
The terminal provided in this embodiment of the present invention can perform the method embodiments above; its implementation principle and technical effect are similar, and details are not repeated here.
Optionally, if the web application includes one URL and that URL is the entrance URL of the web application system, the response result carries no URL, and the attack point determining module 10 is specifically configured to obtain the entrance URL, perform the SQL injection attack point determination operation on the entrance URL, and obtain the SQL injection attack point on the entrance URL.
Optionally, if the web application includes an entrance URL and at least one first URL, the URL is the entrance URL or a first URL, and the response result carries the first URLs to be tested other than that URL. In that case, on the basis of the embodiment shown in Fig. 7 above, the structure diagram of terminal embodiment three is as shown in Fig. 8, and the attack point determining module 10 may further include: an adding unit 104, configured to add the first URLs to be tested to the crawl queue of the terminal after the receiving unit 102 receives the response result that the web application system server sends according to the URL.
With reference to Fig. 8, further, the attack point determining module 10 is specifically configured to obtain the entrance URL, perform the SQL injection attack point determination operation on the entrance URL, and obtain the SQL injection attack point on the entrance URL; and to perform the SQL injection attack point determination operation on each first URL to be tested in the crawl queue of the terminal and obtain the SQL injection attack point on each first URL to be tested, until the crawl queue is empty.
Further, the test case building module 11 is specifically configured to parse the SQL statement corresponding to each URL, obtain the information needed for an SQL injection attack on each URL, and build the test case corresponding to each URL according to the SQL injection attack point on each URL and the information needed for the SQL injection attack on each URL.
Further, the attack point determination unit 103 is specifically configured to obtain the SQL injection attack point on the URL according to the preset strategy, the SQL statement corresponding to the URL and the URL.
Fig. 9 is a structure diagram of terminal embodiment four provided by the present invention. On the basis of the embodiment shown in Fig. 6, Fig. 7 or Fig. 8 above, the terminal may further include: an acquisition module 13, configured to obtain the optimized test case corresponding to each URL; the test module 12 is then specifically configured to test the SQL injection attack of the web application system according to the optimized test case corresponding to each URL.
It should be noted that the terminal shown in Fig. 9 is drawn only on the basis of the terminal shown in Fig. 8; the acquisition module 13 of this embodiment of the present invention can equally be applied to the terminals shown in Fig. 6 or Fig. 7.
The terminal provided in this embodiment of the present invention can perform the method embodiments above; its implementation principle and technical effect are similar, and details are not repeated here.
Fig. 10 is a structure diagram of the web application system server embodiment provided by the present invention. As shown in Fig. 10, the web application system server includes: a receiving module 20, an acquisition module 21 and a sending module 22.
The receiving module 20 is configured to receive the uniform resource locator (URL) sent by the terminal, the URL being used to instruct the web application system server to obtain the data corresponding to the URL from the web application system database, the web application including at least one URL; the acquisition module 21 is configured to access the web application system database according to the URL and obtain the data corresponding to the URL; the sending module 22 is configured to send a response result to the terminal according to the data corresponding to the URL.
The web application system server provided in this embodiment of the present invention can perform the method embodiments above; its implementation principle and technical effect are similar, and details are not repeated here.
Finally, it should be noted that the embodiments above are only used to illustrate the technical solution of the present invention, not to limit it. Although the present invention has been described in detail with reference to the foregoing embodiments, those of ordinary skill in the art will understand that they may still modify the technical solutions recorded in the foregoing embodiments, or make equivalent substitutions for some or all of their technical features; such modifications or substitutions do not cause the essence of the corresponding technical solutions to depart from the scope of the technical solutions of the embodiments of the present invention.