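Analysis and Design of a Web-Based SQL Injection Vulnerability Scanning System
【Author】 Wang Yong
【Supervisor】 Ai Lingmei
【Author information】 Shaanxi Normal University, Master of Engineering (professional degree), 2016, Master's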
【Abstract】 With the development of computer network technology, application systems built on database architectures and Web technology have become increasingly popular and are widely used in enterprise business systems. Because Web applications have inherent weaknesses, they are easily attacked from outside. To counter increasingly serious security risks, experts are actively researching new preventive measures. Web security penetration testing is one effective preventive technique: it fully simulates a hacker's methods to probe a Web application system. Attackers have many ways to attack Web applications; SQL injection is one of the most common and most harmful, and at least 70% of Web sites have SQL injection vulnerabilities. These vulnerabilities threaten not only database information but also systems and user information. Good intrusion detection and prevention work is therefore key to securing Web application systems and the whole information infrastructure. Most existing SQL injection detection is based on syntax-analysis strategies, which have low detection efficiency, and existing SQL injection vulnerability scanning systems commonly suffer from defects such as incomplete scanning coverage. To address these problems, this thesis does the following work.
1. It studies the defense and detection techniques related to SQL injection vulnerabilities and, in a locally built experimental environment, carries out SQL injection experiments that combine several penetration techniques, using the Pubs database as an example. Building on manual SQL injection, it introduces the principle of tool-based injection and summarizes the characteristics, similarities and differences of manual and tool-based injection.
2. Based on the characteristics of SQL injection attacks, it proposes 4 specific defensive measures, which provide a reference for SQL injection vulnerability detection methods. Experiments show that Web application systems using these defensive measures can defend against the great majority of SQL injection attacks and also recognize SQL injection points in Web application systems well.
3. Based on the experimental theory of SQL injection attack and defense, it designs a SQL injection vulnerability scanning system. The scanning algorithm uses a tree model, and regular-expression rules improve on the traditional URL extraction method so that URLs extracted from an HTML string are absolute paths. The system also introduces multithreading, and experiments show that it can effectively detect SQL injection vulnerabilities present on network sites.
【Key words】 Web application; penetration testing; SQL injection; vulnerability scan;
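
The abstract's URL-extraction step (regular-expression rules that yield absolute URLs from an HTML string) can be sketched as follows. This is an added example, not code from the thesis: the function names, the regular expression, the same-host rule and the sample page are assumptions, and it covers only link extraction, not the tree model or multithreading.

```python
import html
import re
from urllib.parse import parse_qsl, urldefrag, urljoin, urlsplit

# href/src/action values: double-quoted, single-quoted, or unquoted.
ATTR_RE = re.compile(
    r'''(?<![\w-])(?:href|src|action)\s*=\s*(?:"([^"]*)"|'([^']*)'|([^\s"'>]+))''',
    re.IGNORECASE,
)
SKIP_PREFIXES = ("javascript:", "mailto:", "tel:", "data:", "#")

def extract_absolute_urls(page_html, page_url):
    """Return de-duplicated absolute http(s) URLs on page_url's own host."""
    host = urlsplit(page_url).netloc.lower()
    seen, urls = set(), []
    for match in ATTR_RE.finditer(page_html):
        raw = next(g for g in match.groups() if g is not None)
        raw = html.unescape(raw).strip()  # &amp; -> & inside attribute values
        if not raw or raw.lower().startswith(SKIP_PREFIXES):
            continue
        # Resolve relative references against the page URL, drop the fragment.
        absolute, _fragment = urldefrag(urljoin(page_url, raw))
        parts = urlsplit(absolute)
        if parts.scheme not in ("http", "https") or parts.netloc.lower() != host:
            continue  # stay inside the site being assessed
        if absolute not in seen:
            seen.add(absolute)
            urls.append(absolute)
    return urls

def query_parameters(urls):
    """Map each URL that has a query string to its parameter names."""
    return {
        u: [name for name, _ in parse_qsl(urlsplit(u).query, keep_blank_values=True)]
        for u in urls if urlsplit(u).query
    }

# Constructed sample input (not from the thesis).
SAMPLE_URL = "http://app.example.test/shop/list.asp?cat=1"
SAMPLE_HTML = """
<a href="detail.asp?id=7&amp;cat=2">item</a>
<a href='../about.html#team'>about</a>
<a href=/shop/detail.asp?id=7&amp;cat=2>same item, unquoted</a>
<a href="javascript:void(0)">menu</a>
<a href="http://other.example.test/a.asp?id=1">external</a>
<form action="search.asp?q="></form>
"""

if __name__ == "__main__":
    found = extract_absolute_urls(SAMPLE_HTML, SAMPLE_URL)
    for url, names in query_parameters(found).items():
        print(url, names)
```

The parameter list it produces is the inventory of user-controlled inputs that should be checked for parameterized queries on an application you are responsible for.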