| Due to the defects of script language itself and weak awareness of web server security, there exist various securities issues which are usually used by SQL injection attackers. A SQL injection attack mainly uses the characteristic of interactive web applications that include database services. Such applications accept user input then forward this input in the database requests. Attacker makes the malicious input that can provoke another request in the database server which is different from the original intent of application programmer.Nowadays, at least 70% of websites present such security drawbacks, moreover, due to the characteristic of information share in web server, attackers could easily utilize this attack method by inputting freaky SQL statements in order to acquire sensitive information from server, execute system procedure and upload a web backdoor, or maybe even obtain the privilege which only belongs to administrator. Such security issues not only threaten to the user's information, but also the whole inner network.Based on those security topics, this thesis, firstly, studied two system... |
PDF Full Text Request