| With the development of Web application, more and more enterprises built their own information system platform, and build enterprise portals which supports on application system platform. In the growth and development of portal technology, the security is becoming a portal to support more users and more continuous growth of the background in the development of the bottleneck. The article described the violence database, cookies deceive, SQL injection, XSS cross-site scripting attacks and marginal notes in detail, and described SQL injection specially. On the basis of these injection attack ways, the article described the ways to get WebShell, and the principle of big Trojan, little Trojan and one word Trojan. The article made recommendations based on those injection attack ways, and propose the way to secure the SQL Server database operating system at the last of paper. The enterprise portals can protect themselves by those ways. |
PDF Full Text Request