public static class CheckChar
{
#region SQL注入式攻击代码分析
///
/// 处理用户提交的请求
///
public static void StartProcessRequest()
{
try
{
string getkeys = "";
//防止GET注入
if (System.Web.HttpContext.Current.Request.QueryString != null)
{
if (System.Web.HttpContext.Current.Request.QueryString.Count == 0)
{
string url = "";
if (System.Web.HttpContext.Current.Request.UrlReferrer != null)
{
url = System.Web.HttpContext.Current.Request.UrlReferrer.ToString();
}
if (url.Length > 0)
{
url = url.Substring(url.IndexOf(‘?‘) + 1, url.Length - url.IndexOf(‘?‘) - 1);
}
if (!ProcessSqlStr(url,"get"))
{
// System.Web.HttpContext.Current.Response.Write("不能包含执行语句
");
// System.Web.HttpContext.Current.Response.End();
System.Web.HttpContext.Current.Response.Redirect("~/Error.aspx?path=" + System.Web.HttpContext.Current.Request.Url.PathAndQuery);
}
}
else
{
for (int i = 0; i )
{
getkeys = System.Web.HttpContext.Current.Request.QueryString.Keys[i];
if (!ProcessSqlStr(System.Web.HttpContext.Current.Request.QueryString[getkeys],"get"))
{
System.Web.HttpContext.Current.Response.Redirect("~/Error.aspx?path=" + System.Web.HttpContext.Current.Request.Url.PathAndQuery);
}
}
}
}
//防止POST注入
if (System.Web.HttpContext.Current.Request.Form != null)
{
for (int i = 0; i )
{
getkeys = System.Web.HttpContext.Current.Request.Form.Keys[i];
if (getkeys == "__VIEWSTATE" || getkeys == "__EVENTVALIDATION") continue;
if (!ProcessSqlStr(System.Web.HttpContext.Current.Request.Form[getkeys],"post"))
{
System.Web.HttpContext.Current.Response.Redirect("~/Error.aspx?path=" + System.Web.HttpContext.Current.Request.Url.PathAndQuery);
}
}
}
//防止COOKITS注入
if (System.Web.HttpContext.Current.Request.COOKIEs != null)
{
for (int i = 0; i )
{
getkeys = System.Web.HttpContext.Current.Request.COOKIEs.Keys[i];
if (getkeys == "__VIEWSTATE") continue;
if (!ProcessSqlStr(System.Web.HttpContext.Current.Request.COOKIEs[getkeys].Value,"COOKIE"))
{
System.Web.HttpContext.Current.Response.Redirect("~/Error.aspx?path=" + System.Web.HttpContext.Current.Request.Url.PathAndQuery);
}
}
}
}
catch
{
}
}
///
/// 分析用户请求是否正常
///
/// 传入用户提交数据
/// 返回是否含有SQL注入式攻击代码
public static bool ProcessSqlStr(string Str,string type)
{
bool ReturnValue = true;
try
{
if (Str.Trim() != "")
{
//string SqlStr = "and ¦exec ¦insert ¦select ¦delete ¦update ¦count ¦* ¦chr ¦mid ¦master ¦truncate ¦char ¦declare";/¦%2F
// string SqlStr = "iframe|xp_loginconfig|xp_fixeddrives|Xp_regremovemultistring|Xp_regread|Xp_regwrite|xp_cmdshell|xp_dirtree|count(|*|asc(|chr(|substring(|mid(|master|truncate|char(|declare|and|or|=|%|replace(|;|varchar(|cast exec¦insert¦select¦delete¦update¦mid¦master¦truncate¦declare¦script¦‘¦%27¦(¦%28¦)¦%29¦+¦%2B¦-¦%2D¦¦;¦%3B¦<¦%3C¦=¦%3D¦>¦%3E¦|¦%7C";
string SqlStr = string.Empty;
if(type.Equals("post"))
SqlStr = "%5C¦\\¦.jsp¦iframe¦xp_loginconfig¦xp_fixeddrives¦Xp_regremovemultistring¦Xp_regread¦Xp_regwrite¦xp_cmdshell¦xp_dirtree¦count(¦*¦asc(¦chr(¦substring(¦mid(¦master¦truncate¦char(¦declare¦ and ¦ or ¦replace(¦;¦varchar(¦cast¦exec ¦insert ¦select ¦delete ¦update ¦mid¦master ¦truncate ¦declare ¦script¦alert¦%27¦(¦%28¦)¦%29¦‘¦+¦%2B¦%2D¦;¦%3B¦<¦%3C¦%3D¦>¦%3E¦%7C";
else
SqlStr = "%5C¦\\¦.jsp¦iframe¦xp_loginconfig¦xp_fixeddrives¦Xp_regremovemultistring¦Xp_regread¦Xp_regwrite¦xp_cmdshell¦xp_dirtree¦count(¦*¦asc(¦chr(¦substring(¦mid(¦master¦truncate¦char(¦declare¦ and ¦ or ¦replace(¦;¦varchar(¦cast¦exec ¦insert ¦select ¦delete ¦update ¦mid¦master ¦truncate ¦declare ¦script¦alert¦%27¦(¦%28¦)¦%29¦+¦%2B¦%2D¦;¦%3B¦<¦%3C¦%3D¦>¦%3E¦%7C";
string[] anySqlStr = SqlStr.Split(‘¦‘);
foreach (string ss in anySqlStr)
{
if (Str.ToLower().IndexOf(ss) >= 0)
{
ReturnValue = false;
break;
}
}
}
}
catch
{
ReturnValue = false;
}
return ReturnValue;
}
#endregion
}
///
/// 过滤非法字符
///
public class CheckCharPage : System.Web.UI.Page
{
protected override void OnPreLoad(EventArgs e)
{
CheckChar.StartProcessRequest();
}
}