
asp.net下检测SQL注入式攻击代码

两个类:
(页面数据校验类)pagevalidate.cs，基本通用。注意：这个类只做格式校验、长度限制和 HTML 编码，并不能让拼接字符串的 SQL 变得安全，数据库访问仍应使用参数化查询。
代码如下:

using system;
using system.text;
using system.web;
using system.web.ui.webcontrols;
using system.text.regularexpressions;

namespace common
{
    /// <summary>
    /// 页面数据校验类
    /// </summary>
    public class pagevalidate
    {
        private static regex regnumber = new regex("^[0-9]+$");
        private static regex regnumbersign = new regex("^[+-]?[0-9]+$");
        private static regex regdecimal = new regex("^[0-9]+[.]?[0-9]+$");
        private static regex regdecimalsign = new regex("^[+-]?[0-9]+[.]?[0-9]+$"); //等价于^[+-]?\d+[.]?\d+$
        private static regex regemail = new regex("^[\\w-]+@[\\w-]+\\.(com|net|org|edu|mil|tv|biz|info)$");//w 英文字母或数字的字符串,和 [a-za-z0-9] 语法一样
        private static regex regchzn = new regex("[\u4e00-\u9fa5]");

        public pagevalidate()
        {
        }


        #region 数字字符串检查        

        /// <summary>
        /// 检查request查询字符串的键值,是否是数字,最大长度限制
        /// </summary>
        /// <param name="req">request</param>
        /// <param name="inputkey">request的键值</param>
        /// <param name="maxlen">最大长度</param>
        /// <returns>返回request查询字符串</returns>
        public static string fetchinputdigit(httprequest req, string inputkey, int maxlen)
        {
            string retval = string.empty;
            if(inputkey != null && inputkey != string.empty)
            {
                retval = req.querystring[inputkey];
                if(null == retval)
                    retval = req.form[inputkey];
                if(null != retval)
                {
                    retval = sqltext(retval, maxlen);
                    if(!isnumber(retval))
                        retval = string.empty;
                }
            }
            if(retval == null)
                retval = string.empty;
            return retval;
        }        
        /// <summary>
        /// 是否数字字符串
        /// </summary>
        /// <param name="inputdata">输入字符串</param>
        /// <returns></returns>
        public static bool isnumber(string inputdata)
        {
            match m = regnumber.match(inputdata);
            return m.success;
        }        
        /// <summary>
        /// 是否数字字符串 可带正负号
        /// </summary>
        /// <param name="inputdata">输入字符串</param>
        /// <returns></returns>
        public static bool isnumbersign(string inputdata)
        {
            match m = regnumbersign.match(inputdata);
            return m.success;
        }        
        /// <summary>
        /// 是否是浮点数
        /// </summary>
        /// <param name="inputdata">输入字符串</param>
        /// <returns></returns>
        public static bool isdecimal(string inputdata)
        {
            match m = regdecimal.match(inputdata);
            return m.success;
        }        
        /// <summary>
        /// 是否是浮点数 可带正负号
        /// </summary>
        /// <param name="inputdata">输入字符串</param>
        /// <returns></returns>
        public static bool isdecimalsign(string inputdata)
        {
            match m = regdecimalsign.match(inputdata);
            return m.success;
        }        

        #endregion

        #region 中文检测

        /// <summary>
        /// 检测是否有中文字符
        /// </summary>
        /// <param name="inputdata"></param>
        /// <returns></returns>
        public static bool ishaschzn(string inputdata)
        {
            match m = regchzn.match(inputdata);
            return m.success;
        }    

        #endregion

        #region 邮件地址
        /// <summary>
        /// 是否是浮点数 可带正负号
        /// </summary>
        /// <param name="inputdata">输入字符串</param>
        /// <returns></returns>
        public static bool isemail(string inputdata)
        {
            match m = regemail.match(inputdata);
            return m.success;
        }        

        #endregion

        #region 其他

        /// <summary>
        /// 检查字符串最大长度,返回指定长度的串
        /// </summary>
        /// <param name="sqlinput">输入字符串</param>
        /// <param name="maxlength">最大长度</param>
        /// <returns></returns>            
        public static string sqltext(string sqlinput, int maxlength)
        {            
            if(sqlinput != null && sqlinput != string.empty)
            {
                sqlinput = sqlinput.trim();                            
                if(sqlinput.length > maxlength)//按最大长度截取字符串
                    sqlinput = sqlinput.substring(0, maxlength);
            }
            return sqlinput;
        }        
        /// <summary>
        /// 字符串编码
        /// </summary>
        /// <param name="inputdata"></param>
        /// <returns></returns>
        public static string htmlencode(string inputdata)
        {
            return httputility.htmlencode(inputdata);
        }
        /// <summary>
        /// 设置label显示encode的字符串
        /// </summary>
        /// <param name="lbl"></param>
        /// <param name="txtinput"></param>
        public static void setlabel(label lbl, string txtinput)
        {
            lbl.text = htmlencode(txtinput);
        }
        public static void setlabel(label lbl, object inputobj)
        {
            setlabel(lbl, inputobj.tostring());
        }        
        //字符串清理
        public static string inputtext(string inputstring, int maxlength)
        {            
            stringbuilder retval = new stringbuilder();

            // 检查是否为空
            if ((inputstring != null) && (inputstring != string.empty))
            {
                inputstring = inputstring.trim();

                //检查长度
                if (inputstring.length > maxlength)
                    inputstring = inputstring.substring(0, maxlength);

                //替换危险字符
                for (int i = 0; i < inputstring.length; i++)
                {
                    switch (inputstring[i])
                    {
                        case '"':
                            retval.append(""");
                            break;
                        case '<':
                            retval.append("<");
                            break;
                        case '>':
                            retval.append(">");
                            break;
                        default:
                            retval.append(inputstring[i]);
                            break;
                    }
                }                
                retval.replace("'", " ");// 替换单引号
            }
            return retval.tostring();

        }
        /// <summary>
        /// 转换成 html code
        /// </summary>
        /// <param name="str">string</param>
        /// <returns>string</returns>
        public static string encode(string str)
        {            
            str = str.replace("&","&");
            str = str.replace("'","''");
            str = str.replace("\"",""");
            str = str.replace(" "," ");
            str = str.replace("<","<");
            str = str.replace(">",">");
            str = str.replace("\n","<br>");
            return str;
        }
        /// <summary>
        ///解析html成 普通文本
        /// </summary>
        /// <param name="str">string</param>
        /// <returns>string</returns>
        public static string decode(string str)
        {            
            str = str.replace("<br>","\n");
            str = str.replace(">",">");
            str = str.replace("<","<");
            str = str.replace(" "," ");
            str = str.replace(""","\"");
            return str;
        }

        #endregion 

    }
}

通用文件(global.asax)，保存为 global.asax 文件名，放到网站根目录下即可。(其他功能自行补上) 注意：下面的关键字黑名单只是一个粗糙的告警手段：它会误拦含有 select、cast、mid、master 等子串的正常输入（如 broadcast、midnight），也很容易被不在列表里的写法绕过，不能代替参数化查询。

<script language="c#" runat="server"><!--
    protected void application_beginrequest(object sender, eventargs e)
        {
            startprocessrequest();
        }


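/// <summary>
/// Scans the query string, form body and cookies of the current request for the
/// keywords listed in processsqlstr and aborts the request when one is found.
/// NOTE(review): this is a keyword blacklist, not an injection defence. It blocks
/// harmless words ("broadcast", "midnight", "master") and is bypassed by anything
/// not on the list; the real protection is parameterised SQL in the data layer.
/// </summary>
private void startprocessrequest()
{
    try
    {
        System.Web.HttpRequest request = System.Web.HttpContext.Current.Request;

        if (request.QueryString != null)
            rejectifsuspicious(request.QueryString, false, "get,出现错误,包含非法字符串");

        if (request.Form != null)
            rejectifsuspicious(request.Form, true, "post,出现错误,包含非法字符串");

        if (request.Cookies != null)
        {
            for (int i = 0; i < request.Cookies.Count; i++)
            {
                string key = request.Cookies.Keys[i];
                // Kept from the original: the view-state skip is meaningless for
                // cookies (it is a form field) but harmless.
                if (isviewstatekey(key)) continue;
                System.Web.HttpCookie cookie = request.Cookies[key];
                if (cookie != null && !processsqlstr(cookie.Value))
                    rejectrequest("cookies,出现错误,包含非法字符串");
            }
        }
    }
    catch
    {
        // Kept from the original: any failure while scanning lets the request
        // through, i.e. the filter fails open. If it matters, log here and decide
        // deliberately. Response.End raises ThreadAbortException, which the runtime
        // re-throws after this block, so rejected requests are still terminated.
    }
}

/// <summary>
/// Checks every value of a request collection, aborting the request on the first hit.
/// </summary>
/// <param name="values">QueryString or Form collection.</param>
/// <param name="skipviewstate">Skip the __VIEWSTATE field (form only, as in the original).</param>
/// <param name="message">Text written to the client on rejection.</param>
private void rejectifsuspicious(System.Collections.Specialized.NameValueCollection values, bool skipviewstate, string message)
{
    for (int i = 0; i < values.Count; i++)
    {
        string key = values.Keys[i];
        // __VIEWSTATE is base64 and routinely contains keyword substrings by chance.
        // NOTE(review): __EVENTVALIDATION is base64 too and will hit the same false
        // positives; consider exempting it as well.
        if (skipviewstate && isviewstatekey(key)) continue;
        if (!processsqlstr(values[key]))
            rejectrequest(message);
    }
}

/// <summary>
/// True for the ASP.NET view-state field. The comparison is case-insensitive:
/// Keys[i] returns the name as posted (__VIEWSTATE), so an exact lower-case
/// compare would never match and the exemption would silently not apply.
/// </summary>
/// <param name="key">Field or cookie name; null is not the view-state key.</param>
private static bool isviewstatekey(string key)
{
    return key != null && string.Equals(key, "__VIEWSTATE", StringComparison.OrdinalIgnoreCase);
}

/// <summary>
/// Writes the rejection message with a client-error status and ends the response.
/// </summary>
/// <param name="message">Text sent to the client.</param>
private void rejectrequest(string message)
{
    System.Web.HttpResponse response = System.Web.HttpContext.Current.Response;
    // The original answered with 200 OK; a rejected request should say so.
    response.StatusCode = 400;
    response.Write(message);
    response.End();
}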
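/// <summary>
/// Returns false when the value contains one of the blacklisted SQL keywords as a
/// case-insensitive substring, true otherwise. Null or blank input is clean; an
/// unexpected exception is treated as suspicious (fail closed).
/// NOTE(review): bare-word substring matching is both too strict ("broadcast",
/// "midnight", "update your profile" are all blocked) and too lax (no "union",
/// "or 1=1", comment sequences or quote characters). Parameterised queries are
/// the actual defence; treat this as a tripwire at best.
/// </summary>
/// <param name="str">Raw request value (query, form or cookie).</param>
/// <returns>true if no keyword was found; false if one was found or the check threw.</returns>
private bool processsqlstr(string str)
{
    try
    {
        // The original dereferenced null here and reported it as an attack via the
        // catch block; an absent value contains no keywords.
        if (str == null || str.Trim() == "")
            return true;

        // Keyword list kept verbatim from the original (separator is U+00A6 BROKEN BAR).
        string sqlstr = "select¦insert¦delete¦update¦declare¦sysobjects¦syscolumns¦cast¦truncate¦master¦mid¦exec";
        string[] anysqlstr = sqlstr.Split('¦');

        foreach (string ss in anysqlstr)
        {
            // Ordinal, case-insensitive: the original lower-cased the whole value on
            // every iteration and used culture-sensitive IndexOf, whose result can
            // change with the thread culture (e.g. Turkish dotless i).
            if (str.IndexOf(ss, StringComparison.OrdinalIgnoreCase) >= 0)
                return false;
        }
        return true;
    }
    catch
    {
        return false;
    }
}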

// --></script>