目标URL存在SQL注入漏洞

项目渗透测试中出现了“目标URL存在SQL注入漏洞”的问题：


 

这里使用拦截器对 request 的 Host 头进行了验证：

package com.XXX.interceptoer;


import com.jfinal.aop.Interceptor;
import com.jfinal.aop.Invocation;

import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;
import javax.servlet.http.HttpSession;
import java.io.IOException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collections;
import java.util.List;

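/**
 * Request interceptor that (1) refuses requests whose Host header is not on
 * the allow-list, (2) adds defensive response headers, and (3) sends visitors
 * without a {@code "user"} session attribute back to {@code "/"} unless the
 * requested URI is public.
 *
 * <p>The original version used a raw {@code List} in {@link #isWhite(String)}
 * (which does not compile when iterated as {@code String}) and let a request
 * with no Host header through the host check; both are fixed here.
 */
public class AuthInterceptor implements Interceptor {

    /** Exact {@code host[:port]} values accepted in the Host header. */
    private static final List<String> WHITE_LIST = Collections.unmodifiableList(
            Arrays.asList("localhost:8088", "127.0.0.1:8088"));

    /** Session attribute whose presence marks a logged-in user. */
    private static final String USER_ATTR = "user";

    @Override
    public void intercept(Invocation invocation) {
        HttpServletRequest request = invocation.getController().getRequest();
        HttpServletResponse response = invocation.getController().getResponse();

        // NOTE(review): this emits a Set-Cookie header with no name/value, which
        // does not make the container's session cookie HttpOnly. The supported
        // fix is the servlet container's session cookie config
        // (Servlet 3.0 <cookie-config><http-only>true</http-only></cookie-config>).
        // Kept unchanged so the response stays as the scanner currently sees it.
        response.addHeader("Set-Cookie", " Path=/;  HttpOnly");
        // Prevent the page from being framed by other origins (clickjacking).
        response.addHeader("X-Frame-Options", "SAMEORIGIN");

        // Host-header attack check: only requests addressed to one of our own
        // host:port values are served. A request with no Host header at all is
        // refused too; previously it skipped the check entirely.
        String requestHost = request.getHeader("host");
        if (requestHost == null || !isWhite(requestHost)) {
            response.setStatus(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        HttpSession session = invocation.getController().getSession();
        String url = request.getRequestURI();
        boolean loggedIn = session.getAttribute(USER_ATTR) != null;

        if (!loggedIn && !checkUrl(url)) {
            // Anonymous visitor on a non-public URI: back to the entry page.
            redirect(response, "/");
            return;
        }
        if (loggedIn && url.endsWith("/")) {
            // Logged-in user on a directory-style URI: go to the admin area.
            redirect(response, "/admin");
            return;
        }
        invocation.invoke();
    }

    /**
     * Sends an HTTP redirect to {@code location}.
     * An {@link IOException} is printed and otherwise ignored, as before.
     */
    private static void redirect(HttpServletResponse response, String location) {
        try {
            response.sendRedirect(location);
        } catch (IOException e) {
            e.printStackTrace();
        }
    }

    /**
     * Whether {@code url} may be visited without being logged in.
     *
     * <p>NOTE(review): the second test is a substring match, so any URI that
     * contains the fragment anywhere is treated as public; an anchored check
     * (e.g. {@code startsWith} on the path) would be tighter. Left unchanged
     * pending confirmation of the intended public paths.
     *
     * @param url the request URI
     * @return {@code true} for the root path or a URI containing the public fragment
     */
    private boolean checkUrl(String url) {
        return "/".equals(url) || url.contains("/XXX/XXX");
    }

    /**
     * Whether {@code host} exactly matches an entry of the Host allow-list.
     *
     * @param host value of the request's Host header, may be {@code null}
     * @return {@code true} only for an exact, case-sensitive match
     */
    private boolean isWhite(String host) {
        return host != null && WHITE_LIST.contains(host);
    }
}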

 
