Importing XML data into a database _ attacking XML data

This article discusses the process of importing XML data into a database and touches on the related security issues, with particular attention to keeping XML data import secure when using technologies such as MySQL, Java and MyBatis.
Summary generated automatically by CSDN.

Importing XML data into a database

Code injection is a vulnerability with many faces: from SQL injection to OS command injection. These attacks happen because of a common programming mistake: letting user input pollute executable code.

Today, let’s talk about a lesser-known type of code injection: injecting into XPATH queries.

What is XPATH?

XPATH is a query language used for XML documents. Think SQL for XML.

XPATH provides the ability to navigate around the XML document tree, and select specific elements based on certain criteria.

For example, given an XML document:

<?xml version="1.0" encoding="utf-8"?>
<Employees>
  <employee id="1">
    <name>Kacey</name>
  </employee>
  <employee id="2">
    <name>Aaron</name>
  </employee>
</Employees>

The XPATH expression below will select the ids of all employees:

/Employees/employee/@id

While this XPATH expression will select the names of all employees:

/Employees/employee/name/text()

As you can see, XPATH is very similar to SQL in terms of functionality, albeit with a slightly different syntax. The basic syntax of XPATH is kind of like navigating the XML document using a file path.

One major difference between XPATH and SQL is that XPATH is a standard language and is not implementation-dependent, whereas SQL has many different dialects such as MySQL, MSSQL, PostgreSQL, and SQLite. This difference is significant because it means that exploiting an XPATH injection vulnerability is easier and potentially m
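An added example, not part of the original article, using Ruby's standard REXML library (whose XPath engine accepts `$name` variable bindings): it runs the article's two queries against a constructed copy of the Employees document, then shows a name lookup built by string concatenation beside one that passes the name as an XPath variable, which keeps user input as data rather than query text and so closes the injection path the article describes.

```ruby
require "rexml/document"

# Constructed sample document with the same shape as the article's Employees XML.
EMPLOYEES_XML = <<~XML
  <?xml version="1.0" encoding="utf-8"?>
  <Employees>
    <employee id="1"><name>Kacey</name></employee>
    <employee id="2"><name>Aaron</name></employee>
  </Employees>
XML

def employees_doc
  REXML::Document.new(EMPLOYEES_XML)
end

# The article's first query: the ids of all employees (attribute nodes).
def all_ids(doc)
  REXML::XPath.match(doc, "/Employees/employee/@id").map(&:value)
end

# The article's second query: the names of all employees (text nodes).
def all_names(doc)
  REXML::XPath.match(doc, "/Employees/employee/name/text()").map(&:value)
end

# Vulnerable pattern: the caller's input is spliced into the query string, so a quote
# in the input changes the structure of the expression instead of being compared as a name.
def id_by_name_unsafe(doc, name)
  REXML::XPath.match(doc, "/Employees/employee[name='#{name}']/@id").map(&:value)
end

# Hardened pattern: the input is bound to the XPath variable $n. The engine compares the
# variable's value as a plain string, so quotes or operators in it never alter the query.
def id_by_name_safe(doc, name)
  REXML::XPath.match(doc, "/Employees/employee[name=$n]/@id", {}, { "n" => name }).map(&:value)
end
```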
