通过addslashes() 进行SQL 注入的示例? [英] Examples of SQL Injections through addslashes()?
问题描述
在 PHP 中,我知道 mysql_real_escape
比使用 addslashes
安全得多.但是,我找不到 addslashes
会让 SQL 注入发生的例子.
In PHP, I know that mysql_real_escape
is much safer than using addslashes
.
However, I could not find an example of a situation where addslashes
would let an SQL Injection happen.
谁能举出一些例子?
推荐答案
好吧,这是您想要的文章.
基本上,攻击的工作方式是让 addslashes()
在多字节字符的中间放置一个反斜杠,这样反斜杠就失去了作为有效多字节序列的一部分的意义.
Basically, the way the attack works is by getting addslashes()
to put a backslash in the middle of a multibyte character such that the backslash loses its meaning by being part of a valid multibyte sequence.
文章中的一般警告:
任何字符编码都可以进行这种类型的攻击存在以 0x5c
结尾的有效多字节字符,因为addslashes()
可以被欺骗来创建一个有效的多字节字符而不是转义后面的单引号.UTF-8 不适合这个描述.
This type of attack is possible with any character encoding where there is a valid multi-byte character that ends in
0x5c
, becauseaddslashes()
can be tricked into creating a valid multi-byte character instead of escaping the single quote that follows. UTF-8 does not fit this description.
这篇关于通过addslashes() 进行SQL 注入的示例?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!