Checking for SQL injection with TSql100Parser

TSql100Parser

using System;
using System.Collections.Generic;
using System.IO;
using Microsoft.SqlServer.TransactSql.ScriptDom;   // NuGet: Microsoft.SqlServer.TransactSql.ScriptDom
using NUnit.Framework;

// Which part of the SELECT template the user-supplied fragment is spliced into.
public enum QueryScopeEnum { Columns, OrderBy, Where, Query }

[TestFixture]
public class SqlInjectionParserTests
{
    [Test]
    public void Test20211117_001()
    {
        var query = "<columns><column name=\"GiftID\" header=\"GiftID\" type=\"asc\"></column><column name=\"GiftName\" header=\"\" type=\"asc\"></column></columns>";
        //CheckSQLQuery(query, QueryScopeEnum.OrderBy);

        query = "test';WAITFOR DELAY '0:0:5'--";
        CheckSQLQuery(query, QueryScopeEnum.Where);
    }

    // Splices the fragment into a SELECT template, parses the result with the T-SQL parser and
    // accepts it only if it is exactly one batch holding exactly one SELECT statement.
    private void CheckSQLQuery(string query, QueryScopeEnum scope)
    {
        if (string.IsNullOrEmpty(query))
        {
            return;
        }

        string completeQuery = GetCompleteQuery(query, scope);
        if (!string.IsNullOrEmpty(completeQuery))
        {
            // true = QUOTED_IDENTIFIER ON, so [brackets] and "quotes" both delimit identifiers.
            TSql100Parser tsqlParser = new TSql100Parser(true);

            IList<ParseError> errors;
            var fragments = tsqlParser.Parse(new StringReader(completeQuery), out errors);

            var sqlScript = fragments as TSqlScript;

            var valid = (errors.Count == 0)
                        && (sqlScript != null)
                        && (sqlScript.Batches.Count == 1)
                        && (sqlScript.Batches[0].Statements.Count == 1)
                        && (sqlScript.Batches[0].Statements[0] is SelectStatement);
            if (!valid)
            {
                Console.WriteLine("invalid");
                // The parser's own messages are the ones quoted in the results below.
                foreach (var error in errors)
                {
                    Console.WriteLine(error.Message);
                }
            }
        }
    }

    // Wraps the fragment in a SELECT against a placeholder table; the parser only checks syntax,
    // so the table does not have to exist.
    private static string GetCompleteQuery(string query, QueryScopeEnum scope)
    {
        string completeQuery;

        switch (scope)
        {
            case QueryScopeEnum.Columns:
                completeQuery = $"SELECT {query} FROM [NOTEXISTINGTABLE]";
                break;

            case QueryScopeEnum.OrderBy:
                completeQuery = $"SELECT * FROM [NOTEXISTINGTABLE] ORDER BY {query}";
                break;

            case QueryScopeEnum.Where:
                completeQuery = $"SELECT * FROM [NOTEXISTINGTABLE] WHERE {query}";
                break;

            case QueryScopeEnum.Query:
                completeQuery = query;
                break;

            default:
                completeQuery = null;
                break;
        }

        return completeQuery;
    }
}

 

Checking a WHERE fragment: test';WAITFOR DELAY '0:0:5'--

The wrapped query is SELECT * FROM [NOTEXISTINGTABLE] WHERE test';WAITFOR DELAY '0:0:5'--, in which the first quote opens a string literal and the last one is never closed, so the parser reports:

Expected but did not find a closing quotation mark after the character string '--.

Checking an ORDER BY fragment: <columns><column name="GiftID" header="GiftID" type="asc"></column><column name="GiftName" header="" type="asc"></column></columns>

The XML is not a T-SQL expression at all, so the parser reports:

Incorrect syntax near <.
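The two payloads above are rejected for different reasons: the WHERE fragment only fails because its quotes are unbalanced, and a stacked statement with balanced quotes (GiftID = 1;WAITFOR DELAY '0:0:5'--) is caught instead by the one-statement rule. What the post's check does not catch is an injection that stays inside a single SELECT, such as a UNION or a subquery reading another table, because both still parse as one SelectStatement. The following is an added example, not the post's code, that keeps the same templates and placeholder table but walks the AST with a TSqlFragmentVisitor to reject set operations, subqueries, function calls and references to any table other than the placeholder. It assumes the Microsoft.SqlServer.TransactSql.ScriptDom NuGet package; the class name SqlFragmentGuard and the sample fragments in Main are my own constructed inputs.

```csharp
// Added example (not from the original post): a stricter variant of the page's parser-based check.
// Assumes the Microsoft.SqlServer.TransactSql.ScriptDom package; names and sample inputs are constructed.
using System;
using System.Collections.Generic;
using System.IO;
using Microsoft.SqlServer.TransactSql.ScriptDom;

public enum QueryScopeEnum { Columns, OrderBy, Where, Query }

public static class SqlFragmentGuard
{
    private const string Placeholder = "NOTEXISTINGTABLE";

    // Records AST nodes that a user-supplied column / ORDER BY / WHERE fragment should never
    // contain: anything that reads another table or calls a function.
    private sealed class SuspiciousNodeVisitor : TSqlFragmentVisitor
    {
        public readonly List<string> Findings = new List<string>();

        public override void Visit(ScalarSubquery node) => Findings.Add("scalar subquery");
        public override void Visit(QueryDerivedTable node) => Findings.Add("derived table");
        public override void Visit(ExistsPredicate node) => Findings.Add("EXISTS subquery");
        public override void Visit(SubqueryComparisonPredicate node) => Findings.Add("subquery comparison");
        public override void Visit(InPredicate node)
        {
            if (node.Subquery != null) Findings.Add("IN (subquery)");
        }
        public override void Visit(FunctionCall node) => Findings.Add("function call " + node.FunctionName.Value);
        public override void Visit(NamedTableReference node)
        {
            // The wrapper template names exactly one table; any other reference came from the fragment.
            string table = node.SchemaObject.BaseIdentifier.Value;
            if (!string.Equals(table, Placeholder, StringComparison.OrdinalIgnoreCase))
                Findings.Add("table reference " + table);
        }
    }

    // Same templates as the post.
    private static string Wrap(string fragment, QueryScopeEnum scope)
    {
        switch (scope)
        {
            case QueryScopeEnum.Columns: return $"SELECT {fragment} FROM [{Placeholder}]";
            case QueryScopeEnum.OrderBy: return $"SELECT * FROM [{Placeholder}] ORDER BY {fragment}";
            case QueryScopeEnum.Where:   return $"SELECT * FROM [{Placeholder}] WHERE {fragment}";
            case QueryScopeEnum.Query:   return fragment;
            default: throw new ArgumentOutOfRangeException(nameof(scope));
        }
    }

    // Returns null when the fragment is accepted, otherwise the reason it was rejected.
    public static string Validate(string fragment, QueryScopeEnum scope)
    {
        if (string.IsNullOrWhiteSpace(fragment)) return null;

        var parser = new TSql100Parser(true);
        IList<ParseError> errors;
        TSqlFragment tree;
        using (var reader = new StringReader(Wrap(fragment, scope)))
            tree = parser.Parse(reader, out errors);

        if (errors.Count > 0)
            return "parse error: " + errors[0].Message;

        // The post's structural test: one batch, one statement, and that statement is a SELECT.
        var script = tree as TSqlScript;
        if (script == null || script.Batches.Count != 1 || script.Batches[0].Statements.Count != 1)
            return "expected exactly one statement";
        var select = script.Batches[0].Statements[0] as SelectStatement;
        if (select == null)
            return "not a SELECT statement";

        // UNION / EXCEPT / INTERSECT still parse as a single SelectStatement whose QueryExpression is a
        // BinaryQueryExpression, so "is SelectStatement" alone lets UNION-based injection through.
        if (!(select.QueryExpression is QuerySpecification))
            return "set operation or parenthesised query at top level";

        var visitor = new SuspiciousNodeVisitor();
        tree.Accept(visitor);
        return visitor.Findings.Count == 0 ? null : string.Join("; ", visitor.Findings);
    }

    public static void Main()
    {
        // Constructed sample inputs: the post's payload plus variants the post's check alone would accept.
        var samples = new (string fragment, QueryScopeEnum scope)[]
        {
            ("GiftID = 1",                                     QueryScopeEnum.Where),
            ("test';WAITFOR DELAY '0:0:5'--",                  QueryScopeEnum.Where),
            ("GiftID = 1;WAITFOR DELAY '0:0:5'--",             QueryScopeEnum.Where),
            ("GiftID = 1 UNION SELECT name FROM sys.tables",   QueryScopeEnum.Where),
            ("GiftID = (SELECT TOP 1 GiftID FROM OtherTable)", QueryScopeEnum.Where),
            ("GiftID, SUSER_SNAME()",                          QueryScopeEnum.Columns),
        };
        foreach (var (fragment, scope) in samples)
            Console.WriteLine($"{scope,-8} {fragment,-48} -> {Validate(fragment, scope) ?? "accepted"}");
    }
}
```

Of the six samples only the first is accepted: the post's payload is a parse error, the stacked WAITFOR is two statements, the UNION is rejected at the QuerySpecification check, and the subquery and the SUSER_SNAME() call are reported by the visitor. Rejecting every FunctionCall is a deliberate choice for a filter that is supposed to name columns and constants; widen it to an explicit allowlist if ORDER BY LEN(GiftName) must be accepted. The check is a syntactic allowlist on top of dynamic SQL, not a replacement for parameterised values and a column allowlist.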

 

Author: Chuck Lu (GitHub)