EditPlus查找PHP源码简单数字型注入的正则表达式

今天看一个项目代码，文件不多，不过每个文件中都N多注入，一个一个看实在太累，索性花了点时间，弄了个正则表达式，搜索出来，然后再将安全的筛选出去。省了不少时间的说。 1.查找select、update、delete语句
((select|SELECT|update|UPDATE|delete|DELETE) .*(from|FROM|set|SET) .*(where|WHERE) .*) 查询语句,对于没有条件判断的基本不存在注入问题，因而仅搜索此语句即可
例子：
select * from user where 2.简单的数字型注入
((select|SELECT|update|UPDATE|delete|DELETE) .*(from|FROM|set|SET) .*(where|WHERE) .*=[ ]?["]?["]?\$) 能找到select、update delete三种语句，5种格式的整形注入，如：
直接变量传入
select * from guess where id=$subject_id
update guess set is_valid=0 where id=$subject_id
delete from guess where id=$subject_id
=与变量之间存在空格
select * from guess where id= $subject_id
update guess set is_valid=0 where id= $subject_id
delete from guess where id= $subject_id
变量双引号
select * from guess where id="$subject_id"
update guess set is_valid=0 where id="$subject_id"
delete from guess where id="$subject_id"
=与双引号之间存在空格
select * from guess where id= "$subject_id"
update guess set is_valid=0 where id= "$subject_id"
delete from guess where id= "$subject_id"
=与引号、双引号之间存在空格
select * from guess where id= " $subject_id"
update guess set is_valid=0 where id= " $subject_id"
delete from guess where id= " $subject_id"

版权声明：本站文章来源标注为YINGSOO的内容版权均为本站所有，欢迎引用、转载，请保持原文完整并注明来源及原文链接。禁止复制或仿造本网站，禁止在非www.yingsoo.com所属的服务器上建立镜像，否则将依法追究法律责任。本站部分内容来源于网友推荐、互联网收集整理而来，仅供学习参考，不代表本站立场，如有内容涉嫌侵权，请联系alex-e#qq.com处理。