Fortify issue: database connection string parameter pollution

I developed a tool, and when I run Fortify on it I get 6 critical issues related to the DB connection string, stating: "Concatenating unvalidated input into a database connection may allow an attacker to override the value of a request parameter. An attacker may be able to override existing parameter values, inject new parameters, or exploit variables that are not directly reachable."

public bool sqlDbValidateUser(string databaseHostname, string databaseName, string databaseUsername, string databasePassword)
{
    _logger.Info("starting sql DB validation");
    // Connection string assembled by plain concatenation of caller-supplied values
    string ConnectionString = "Data Source=" + databaseHostname + "; " +
                              "Initial Catalog=" + databaseName + ";" +
                              "User id=" + databaseUsername + ";" +
                              "Password=" + databasePassword + ";";
    using (SqlConnection connection = new SqlConnection(ConnectionString))
    {
        try
        {
            connection.Open();
            return true;
        }
        catch (Exception)
        {
            return false;
        }
        finally
        {
            if (connection != null)
            {
                connection.Close();
            }
        }
    }
}

When working with SQL databases, string concatenation is pure evil. The correct way to do what you are trying to do is to replace this code:

string connectionString = "Data Source=" + databaseHostname + "; " +
                          "Initial Catalog=" + databaseName + ";" +
                          "User id=" + databaseUsername + ";" +
                          "Password=" + databasePassword + ";";

with this code:

string connectionString;
try
{
    // Each value is assigned through a typed property, so the builder
    // quotes it and it cannot introduce extra keywords
    var builder = new SqlConnectionStringBuilder();
    builder.DataSource = databaseHostname;
    builder.InitialCatalog = databaseName;
    builder.UserID = databaseUsername;
    builder.Password = databasePassword;
    connectionString = builder.ToString();
}
catch
{
    return false;
}
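To see why the builder resolves the finding, the added example below (not code from the question or the answer) builds a connection string with SqlConnectionStringBuilder, parses it back, and checks that every value round-trips unchanged even when a constructed input contains a semicolon; the helper names and the sample values are my own.

```csharp
using System;
using System.Data.SqlClient;

// Added example: hardened construction plus a round-trip check.
static class ConnectionStringHardening
{
    // Build the string through typed properties; values are quoted as needed.
    public static string Build(string host, string db, string user, string pwd)
    {
        var builder = new SqlConnectionStringBuilder
        {
            DataSource = host,
            InitialCatalog = db,
            UserID = user,
            Password = pwd
        };
        return builder.ConnectionString;
    }

    // Parse the built string and confirm that each part comes back intact,
    // i.e. no input was split into additional keywords.
    public static bool RoundTrips(string host, string db, string user, string pwd)
    {
        var parsed = new SqlConnectionStringBuilder(Build(host, db, user, pwd));
        return parsed.DataSource == host
            && parsed.InitialCatalog == db
            && parsed.UserID == user
            && parsed.Password == pwd;
    }

    static void Main()
    {
        // Constructed sample input: a database name containing a semicolon,
        // which plain concatenation would turn into a second keyword.
        string host = "dbserver01";
        string db = "inventory;Integrated Security=true";
        string user = "app_user";
        string pwd = "p@ss;word";

        Console.WriteLine(Build(host, db, user, pwd));
        Console.WriteLine("round-trips intact: " + RoundTrips(host, db, user, pwd));
    }
}
```

The printed string shows the semicolon-bearing values wrapped in quotes, and the round-trip check returns true; with the concatenated form the same input would parse into a different database name and an extra keyword.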