已经通过SQL注入攻击的登录代码示例，虽然mysql_real_escape_string ... [英] Login code sample which has been hacked via SQL Injection, although mysql_real_escape_string...

问题描述

我使用CodeIgniter，并且有黑客攻击的麻烦。是否可以对以下登录代码进行SQL注入：

I use CodeIgniter, and having trouble with hacking. Is it possible to make SQL Injection to the login code below:

    function process_login()
{
    $username = mysql_real_escape_string($this->input->post('username'));    
    $password  = mysql_real_escape_string(MD5($this->input->post('password')));

    //Check user table
    $query = $this->db->getwhere('users', array('username'=>$username, 'password'=>$password));

    if ($query->num_rows() > 0)
    {
        // success login data

我使用 mysql_real_escape_string 错了吗？

推荐答案

没有发布的内容可能不容易遭到sql注入。虽然getwhere（）可以做一个stripslashes（），我不知道。

No what have posted is not probably not vulnerable to sql injection. Although getwhere() could be doing a stripslashes(), I'm not sure.

它可能是如果有SQL注入，它是在你的应用程序的另一部分。攻击者可以使用此漏洞获取您的非常弱的 md5（）哈希，破解它，然后登录。使用sha2系列的任何成员，sha-256是一个伟大的选择。

Its likely that if there was SQL Injection that it is in another part of your application. The attacker could use this vulnerability to obtain your extremely weak md5() hash, crack it, and then login. Use any member of the sha2 family, sha-256 is a great choice.

如果您的网站已经玷污，那么我会严重怀疑它是sql注入。它很难自动化利用sql注入来解密网站，但它是可能的。我将确保所有库和已安装的应用程序都完全更新。特别是如果你有一个CMS或论坛。您可以对您的网站运行 OpenVAS 扫描，以查看是否找到任何旧软件。

If your site has been defaced then I seriously doubt that it is sql injection. Its difficult to automate the exploitation of sql injection to deface websites, but it is possible. I would make sure that all libraries and installed applications are fully updated. Especially if you have a CMS or forum. You could run an OpenVAS scan against your site to see if it finds any old software.

这篇关于已经通过SQL注入攻击的登录代码示例，虽然mysql_real_escape_string ...的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！