前言:
今天看一本PHP书籍的时候,看到里面提到了数据库的字符集,让我想到了宽字节注入,自己好像对此也是一知半解。查了点资料,特此做个笔记。
产生注入原因:
宽字节注入,相信大家都知道是什么东西,利用GBK编码的问题通过%df把\给吃掉,从而使'逃离出来,这里说得是gbk,但并不一定就只 有gbk,只要字符通过转码,就有可能出现这类问题。
那么gbk转码到底是从哪里来的呢?
我们看下这张图,原来就是从client到connection这里,会有一个gbk转码
再看下下面的代码,来个案例
<?php
//连接数据库部分,注意使用了gbk编码
$conn = mysql_connect('localhost', 'root', 'root') or die('bad!');
mysql_query("SET NAMES 'gbk'");
mysql_select_db('test', $conn) OR emMsg("连接数据库失败,未找到您填写的数据库");
//执行sql语句
$uid = isset($_GET['uid']) ? addslashes($_GET['uid']) : 1;
echo addslashes($_GET['uid'])."<br>";
$sql = "SELECT * FROM admin WHERE uid='{$uid}'";
echo $sql."<br>";
$result = mysql_query($sql, $conn) or die(mysql_error());
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="gbk" />
<title>新闻</title>
</head>
<body>
<?php
$row = mysql_fetch_array($result, MYSQL_ASSOC);
echo "<h2>{$row['name']}</h2><p>{$row['uid']}<p>\n";
mysql_free_result($result);
?>
</body>
</html>
首先set names gbk 等同于character_set_client=gbk,character_set_connection=gbk,character_set_results=gbk
然后我们看下代码,对GET来的uid先addslashes过滤一下,然后执行到数据库,我们注意,在这里set names gbk就起作用了,在传输到数据库的时候,会把代码gbk编码一下,就是在这里产生了注入,当我们输入%df'
经过addslashes变成%df\',然后gbk编码,%df\会变成一个汉字,从而使'逃逸出来,产生了注入
理解:
1:少用iconv,可能产生编码问题
2:用mysql_set_charset代替set names,因为mysql_set-charset会修改mysql->charset为设定的字符集
3:用mysql_real_escape_string()代替addslashes,因为前者会根据当前字符集进行过滤
参考地址:
http://www.freebuf.com/articles/web/31537.html
http://www.laruence.com/2008/01/05/12.html
能转载一下吗
可以,注明原处就好
I want to voice my appreciation for your kind-heartedness supporting men and women who must have assistance with your situation. Your special dedication to getting the message around appeared to be exceedingly powerful and has specifically helped guys much like me to arrive at their objectives. Your amazing valuable key points implies much to me and still more to my fellow workers. With thanks; from everyone of us.
I enjoy you because of all of the effort on this web site. Gloria loves working on research and it's really simple to grasp why. Most people notice all concerning the dynamic mode you convey useful guides on your web blog and in addition welcome contribution from people on that concept while our own simple princess has always been understanding a lot of things. Have fun with the remaining portion of the new year. Your carrying out a dazzling job.
I needed to write you one very small remark so as to give many thanks again for those striking tips you've provided on this site. This has been pretty open-handed of people like you to deliver easily all many of us could have advertised as an ebook to earn some bucks on their own, especially given that you might well have tried it in case you considered necessary. The basics as well acted to become a fantastic way to be sure that some people have similar dream just like my very own to understand more around this problem. I believe there are some more enjoyable sessions up front for those who examine your site.
I in addition to my buddies happened to be following the excellent secrets and techniques from your web page and so suddenly came up with a horrible suspicion I had not expressed respect to the site owner for those strategies. My young men appeared to be so stimulated to learn them and have in effect extremely been using those things. Thanks for really being well thoughtful and also for deciding upon some quality things millions of individuals are really needing to be aware of. Our own honest apologies for not expressing appreciation to you sooner.
I truly wanted to write a quick comment in order to thank you for the nice solutions you are giving at this site. My particularly long internet research has now been rewarded with high-quality content to write about with my two friends. I 'd admit that most of us website visitors are undeniably fortunate to live in a fabulous place with very many outstanding people with helpful tips and hints. I feel very grateful to have discovered your entire web site and look forward to plenty of more exciting moments reading here. Thanks again for everything.
I precisely wanted to thank you so much yet again. I do not know what I would have done in the absence of the creative ideas shown by you on such a situation. It had become a intimidating situation for me personally, however , noticing this specialized approach you processed that took me to leap for gladness. I'm happier for the work as well as pray you know what a powerful job you are always getting into training people today using your webpage. More than likely you've never got to know any of us.
I together with my pals came reading the great strategies from your site while at once I had a terrible suspicion I had not expressed respect to the blog owner for them. My young boys had been consequently happy to study all of them and have absolutely been using them. Many thanks for truly being so considerate and for selecting some excellent areas most people are really desirous to know about. My personal honest apologies for not saying thanks to earlier.
I precisely needed to thank you very much again. I do not know the things that I could possibly have carried out in the absence of the type of strategies discussed by you relating to my area. It has been a real horrifying difficulty for me, but observing your expert technique you resolved it took me to cry over gladness. I am just grateful for your advice and thus trust you are aware of a great job you're doing teaching many others by way of a site. I'm certain you've never come across any of us.
I needed to compose you this very little note so as to say thanks yet again for your superb advice you have contributed at this time. This has been particularly open-handed with people like you to allow extensively all many people might have supplied as an ebook in order to make some bucks for themselves, particularly since you might have done it in case you wanted. Those tactics also acted to become a great way to know that other people online have similar fervor just like mine to learn good deal more regarding this condition. I believe there are millions of more pleasurable moments ahead for many who scan through your site.
I simply wanted to type a small word in order to thank you for those magnificent guidelines you are posting here. My particularly long internet look up has finally been compensated with good information to share with my companions. I would admit that most of us readers are rather fortunate to live in a decent network with very many awesome individuals with very beneficial secrets. I feel truly privileged to have seen your webpage and look forward to so many more enjoyable moments reading here. Thanks once again for all the details.
I definitely wanted to write a small word to appreciate you for these magnificent recommendations you are showing on this website. My time consuming internet investigation has finally been recognized with good quality concept to go over with my contacts. I would admit that we visitors are undeniably blessed to live in a magnificent site with very many outstanding individuals with very beneficial techniques. I feel extremely lucky to have encountered your web page and look forward to plenty of more excellent moments reading here. Thank you once more for all the details.
I and my guys happened to be digesting the excellent recommendations located on your website and then quickly got an awful suspicion I had not thanked the website owner for those techniques. These boys came joyful to read them and now have in actuality been taking pleasure in those things. We appreciate you simply being considerably helpful and also for finding such good areas millions of individuals are really desperate to know about. My personal sincere apologies for not expressing gratitude to sooner.
I really wanted to send a small remark to be able to thank you for some of the splendid guidelines you are showing here. My time intensive internet investigation has at the end of the day been rewarded with reasonable details to go over with my colleagues. I would state that that most of us visitors are really blessed to dwell in a fantastic community with many perfect professionals with interesting tips. I feel rather happy to have discovered your web pages and look forward to really more cool minutes reading here. Thanks a lot once more for a lot of things.
I enjoy you because of all your valuable labor on this website. Debby take interest in carrying out investigation and it is simple to grasp why. A lot of people notice all regarding the lively tactic you create rewarding tactics via your web blog and invigorate contribution from some others about this subject and my child has always been learning a whole lot. Take advantage of the remaining portion of the new year. You are always doing a brilliant job.
I not to mention my guys have been checking out the great ideas located on your web page and then suddenly came up with a terrible suspicion I never expressed respect to the website owner for those tips. My people had been so passionate to study them and already have truly been taking pleasure in those things. I appreciate you for truly being really kind and for deciding upon certain perfect things most people are really desperate to learn about. My very own sincere regret for not saying thanks to you earlier.
I wanted to send you the bit of word so as to say thank you the moment again relating to the nice ideas you have documented above. This has been simply pretty generous with people like you to deliver without restraint exactly what a number of us could have sold for an ebook to help with making some cash on their own, specifically since you might well have tried it in case you decided. The guidelines in addition acted to be the easy way to be sure that other people online have a similar eagerness just as my very own to know the truth very much more with respect to this condition. I think there are several more pleasurable opportunities ahead for folks who discover your site.
I precisely wanted to say thanks yet again. I do not know the things I would have created without those aspects shared by you about such question. It was before the scary situation for me, however , encountering this specialised strategy you solved the issue took me to jump over gladness. I'm thankful for your guidance as well as have high hopes you find out what an amazing job you're getting into educating men and women using a blog. Most likely you've never encountered any of us.
I would like to get across my love for your kindness supporting visitors who really want help with that theme. Your special commitment to getting the solution up and down has been surprisingly valuable and has really permitted regular people like me to get to their objectives. The informative help and advice indicates a whole lot to me and much more to my peers. Many thanks; from each one of us.