上篇《MSQL攻击》已对MSQL攻击进行了讲解，此处只对代码进行演示。
MSQL攻击代码演示
package cn.wrh.test;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.junit.Test;
import com.mysql.jdbc.PreparedStatement;
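public class Jdbc3 {
    /*
     * Deliberately vulnerable login demo. The SQL in login() is assembled by string
     * concatenation, which is what lets the quoted input in fun1() alter the WHERE
     * clause. The parameterized version of the same check is Jdbc4 in this package.
     */

    // Retained only for source compatibility with the earlier revision of this demo;
    // the connection, statement and result set are now scoped to login() itself so
    // two concurrent callers can no longer trample each other's handles.
    Connection con = null;
    Statement stm = null;
    ResultSet rs = null;

    /**
     * Opens a connection to the local {@code student} database.
     * <p>
     * Steps: load the MySQL driver class, build the JDBC URL, then ask
     * {@link DriverManager} for a connection. The credentials are hard-coded for this
     * demo; production code should read them from configuration rather than source.
     *
     * @return an open connection; the caller is responsible for closing it
     * @throws Exception if the driver class cannot be loaded or the connection fails
     */
    public static Connection getConnection() throws Exception {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/student?characterEncoding=utf-8";
        String username = "root";
        String pwd = "123456789";
        return DriverManager.getConnection(url, username, pwd);
    }

    /**
     * Checks whether a row in {@code user} matches the given credentials.
     * <p>
     * INSECURE BY DESIGN: both arguments are spliced verbatim into the SQL text, so
     * input containing quotes changes the query's logic instead of being compared as a
     * value. Never build SQL this way from untrusted input; use {@code PreparedStatement}
     * with {@code ?} placeholders as Jdbc4 does.
     *
     * @param username value inserted verbatim into the WHERE clause
     * @param password value inserted verbatim into the WHERE clause
     * @return {@code true} if at least one row matched
     * @throws RuntimeException if connecting, querying or closing fails; the underlying
     *         exception is kept as the cause (the previous revision dropped it)
     */
    public boolean login(String username, String password) throws SQLException {
        String sql = "SELECT * FROM user WHERE username='" + username + "' and password='" + password + "'";
        // try-with-resources closes the result set, statement and connection in reverse
        // order of acquisition and still closes the remaining ones if an earlier close()
        // throws; the manual finally block only closed the rest when nothing threw.
        try (Connection c = getConnection();
             Statement s = c.createStatement();
             ResultSet r = s.executeQuery(sql)) {
            return r.next();
        } catch (Exception e) {
            throw new RuntimeException("login query failed", e);
        }
    }

    /** Ordinary credentials; prints whether the lookup matched a row. */
    @Test
    public void fun2() throws SQLException {
        boolean bool = login("zhangsan", "111");
        System.out.println("===============" + bool);
    }

    /**
     * Shows the injection: because login() concatenates its arguments into the SQL,
     * this quoted input makes the WHERE clause always true and the lookup reports a
     * match without a valid password. Compare with Jdbc4.fun1(), where the same input
     * is bound as a parameter and does not match.
     */
    @Test
    public void fun1() throws SQLException {
        String username = "a'or'a'='a";
        String password = "a'or'a'='a";
        boolean bool = login(username, password);
        System.out.println("=======Msql攻击========" + bool);
    }
}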
防止MSQL攻击:
package cn.wrh.test;
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.PreparedStatement;
import java.sql.ResultSet;
import java.sql.SQLException;
import java.sql.Statement;
import org.junit.Test;
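public class Jdbc4 {
    /*
     * Parameterized counterpart of Jdbc3. login() binds username and password with
     * PreparedStatement placeholders, so the quoted input used in fun1() is compared
     * as a plain value and no longer changes the query's logic.
     */

    // Retained only for source compatibility with the earlier revision of this demo;
    // all JDBC handles are now scoped to login() itself.
    Connection con = null;
    Statement stm = null;
    ResultSet rs = null;

    /**
     * Opens a connection to the local {@code student} database.
     * <p>
     * Steps: load the MySQL driver class, build the JDBC URL, then ask
     * {@link DriverManager} for a connection. The credentials are hard-coded for this
     * demo; production code should read them from configuration rather than source.
     *
     * @return an open connection; the caller is responsible for closing it
     * @throws Exception if the driver class cannot be loaded or the connection fails
     */
    public static Connection getConnection() throws Exception {
        Class.forName("com.mysql.jdbc.Driver");
        String url = "jdbc:mysql://localhost:3306/student?characterEncoding=utf-8";
        String username = "root";
        String pwd = "123456789";
        return DriverManager.getConnection(url, username, pwd);
    }

    /**
     * Checks whether a row in {@code user} matches the given credentials, binding both
     * values as parameters so they are never interpreted as SQL.
     * <p>
     * Failures (driver missing, connection refused, query error) are reported on
     * stdout/stderr and treated as a failed login, keeping the fail-closed behaviour of
     * the previous revision; the exception text is now printed instead of being lost.
     *
     * @param username value bound to the first {@code ?}
     * @param password value bound to the second {@code ?}
     * @return {@code true} if at least one row matched, {@code false} if none did or the
     *         lookup could not be performed
     * @throws SQLException declared for compatibility; failures are currently handled
     *         inside the method
     */
    public boolean login(String username, String password) throws SQLException {
        String sql = "SELECT * FROM user where username=? and password=? ";
        // try-with-resources closes the result set, statement and connection in reverse
        // order of acquisition. The previous revision never closed the PreparedStatement
        // (its finally block only checked the unused 'stm' field), leaking it per call.
        try (Connection c = getConnection()) {
            // Only the SQL template is printed; the bound values never appear in it.
            System.out.println("---------" + sql);
            try (PreparedStatement pstmt = c.prepareStatement(sql)) {
                pstmt.setString(1, username);
                pstmt.setString(2, password);
                try (ResultSet r = pstmt.executeQuery()) {
                    return r.next();
                }
            }
        } catch (Exception e) {
            System.out.println("出错了");
            System.err.println("login failed: " + e);
            return false;
        }
    }

    /**
     * Same quoted input as Jdbc3.fun1(). Bound as a parameter it is compared literally
     * against the column, so this lookup does not match unless such a user exists.
     */
    @Test
    public void fun1() throws SQLException {
        String username = "a'or'a'='a";
        String password = "a'or'a'='a";
        boolean bool = login(username, password);
        System.out.println("=======Msql攻击========" + bool);
    }

    /** Ordinary credentials; prints whether the lookup matched a row. */
    @Test
    public void fun2() throws SQLException {
        String username = "zhangsan";
        String password = "1111";
        boolean bool = login(username, password);
        System.out.println("===============" + bool);
    }
}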