记录一次SQL注入与问题排查 | 牧宇的Blog #3
Replies: 2 comments 1 reply
-
|
测试评论again |
Beta Was this translation helpful? Give feedback.
0 replies
-
|
参数化查询后sql注入应该很难吧,看你的修复方法好像不太正规 |
Beta Was this translation helpful? Give feedback.
1 reply
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Uh oh!
There was an error while loading. Please reload this page.
-
记录一次SQL注入与问题排查 | 牧宇的Blog
最近做了一个小程序,用 nestJS 做的服务端,数据库是 MySQL 。然后被SQL注入攻击了,第一次遇到,感觉还很有意思,记录一下。 其实是微信平台做的模拟攻击,所以也并没有任何实际破坏,仅仅是数据库里被塞入了多条不符合预期的数据。
http://localhost:4000/%E6%9C%8D%E5%8A%A1%E7%AB%AF/%E8%AE%B0%E5%BD%95%E4%B8%80%E6%AC%A1SQL%E6%B3%A8%E5%85%A5%E4%B8%8E%E9%97%AE%E9%A2%98%E6%8E%92%E6%9F%A5/
Beta Was this translation helpful? Give feedback.
All reactions