java基础漏洞学习----整数溢出漏洞+硬编码漏洞+不安全的随机数生成器

java基础漏洞学习----整数溢出漏洞+硬编码漏洞+不安全的随机数生成器

整数溢出漏洞

public class NumberLearning {
    public static void main(String[] args){
        System.out.println(Integer.MAX_VALUE+1);
        System.out.println(Integer.MIN_VALUE-1);
    }
}

硬编码漏洞

在进行数据库连接等操作的时候,经常会在db.properties写入明文的数据库用户名和密码
在编写程序的时候尽量对密码进行硬编码,而是采用对密码进行模糊化或先经过hash处理再转储,或在外部资源文件中进行处理
这里采用对username和password进行加密(测试)
db.properties

driver=com.mysql.cj.jdbc.Driver
url=jdbc:mysql://localhost:3306/security
username=cm9vdA==
password=cm9vdA==

主代码

import java.io.FileInputStream;
import java.io.IOException;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.util.Base64;
import java.util.Properties;

public class DBConfig {
    private static final String PROPERTIES_FILE = "F:/db.properties";
    private static final String DRIVER_KEY = "driver";
    private static final String URL_KEY = "url";
    private static final String USERNAME_KEY = "username";
    private static final String PASSWORD_KEY = "password";

    public static void main(String[] args) {
        Properties properties = new Properties();
        try {
            properties.load(new FileInputStream(PROPERTIES_FILE));

            String driver = properties.getProperty(DRIVER_KEY);
            String url = properties.getProperty(URL_KEY);
            String encryptedUsername = properties.getProperty(USERNAME_KEY);
            String encryptedPassword = properties.getProperty(PASSWORD_KEY);

            // 解密用户名和密码
            String username = decrypt(encryptedUsername);
            String password = decrypt(encryptedPassword);

            // 使用配置信息进行数据库连接
            Connection connection = null;
            try {
                Class.forName(driver);
                connection = DriverManager.getConnection(url, username, password);

                // 执行查询
                String query = "SELECT * FROM users WHERE id = ?";
                try (PreparedStatement statement = connection.prepareStatement(query)) {
                    statement.setInt(1, 2);
                    try (ResultSet resultSet = statement.executeQuery()) {
                        while (resultSet.next()) {
                            int id = resultSet.getInt("id");
                            String name = resultSet.getString("username");
                            // 处理查询结果
                            System.out.println("ID: " + id + ", Username: " + name);
                        }
                    }
                }
            } catch (ClassNotFoundException | SQLException e) {
                e.printStackTrace();
            } finally {
                if (connection != null) {
                    try {
                        connection.close();
                    } catch (SQLException e) {
                        e.printStackTrace();
                    }
                }
            }
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    private static String decrypt(String encryptedString) {
        // 进行解密操作,这里假设使用Base64进行加密
        byte[] decodedBytes = Base64.getDecoder().decode(encryptedString);
        return new String(decodedBytes);
    }
}

不安全的随机数生成器

三种随机数生成器
1.Random
本质上是系统当前时间,且如果种子相同的话,生成的随机数就相同
2.Math
3.SecureRandom
种子是不可预知的,产生非确定性输出

import java.util.Random;
import java.security.SecureRandom;
import java.security.NoSuchAlgorithmException;

public class RandomLearning {
    public static void main(String[] args) throws NoSuchAlgorithmException {
        System.out.println("Random随机数");
        Random random1 = new Random(1);
        for(int i=0;i<5;i++){
            System.out.print(random1.nextInt(10)+" ");
        }
        System.out.println();
        Random random2 = new Random(1);
        for(int i=0;i<5;i++){
            System.out.print(random2.nextInt(10)+" ");
        }
        System.out.println();
        System.out.println("Math随机数");
        int randomNumber = (int) (Math.random() * 100);
        for(int i=0;i<5;i++){
            System.out.print(randomNumber+" ");
        }
        System.out.println();
        System.out.println("SecureRandom随机数");
        SecureRandom secureRandom1 = SecureRandom.getInstance("SHA1PRNG");
        for(int i=0;i<5;i++){
            System.out.print(secureRandom1.nextInt(10)+" ");
        }
        System.out.println();
        SecureRandom secureRandom2 = SecureRandom.getInstance("SHA1PRNG");
        for(int i=0;i<5;i++){
            System.out.print(secureRandom2.nextInt(10)+" ");
        }
    }
}

posted @ 2023-10-29 16:47  BattleofZhongDinghe  阅读(173)  评论(0编辑  收藏  举报