Title : the Information Security Detection and Prevention of University Database
Abstract: With the increase of network security awareness, the single method of penetration test is unable to satisfy the need of remote penetration. The more effective way of remote penetration test uses comprehensively progressive attack techniques to intrude the internal network and get the target computer's authorization via horizontal privilege escalation so as to obtain the confidential information finally. As the preferred way of intruding an internal network, web scriting attack that mainly uses SQL injection attack has become one of the most important techniques in remote penetration test.SQL injection attack represents the common method that hackers use to attck databases. Like general access to a web page, It accesses the page via normal WWW ports in which case the firewall doesn't sound the alarm. Due to the flexibility of SQL injection, unexpected conditions often occure when using it. This article takes a PHP+MySQL website based on B/S architecture as a good example to deeply analyze the detection and prevention measures of SQL injection.
Key Words: DataBase information security SQL injection solutions
内容全部来源于网络收集,如有侵权,请联系网站删除:QQ:24596024