0

不知何故,我在 mysql 慢查询日志文件中将 sleep() 函数注入到许多查询中。在项目的源代码中没有使用这样的功能,在 apache 访问日志中它也不存在......那个注入是怎么来的?

例子:

Count         : 64  (0.05%)
Time          : 156971.170609 s total, 2452.674541 s avg, 1635.656901 s to 3269.711339 s max  (0.00%)
  95% of Time : 143892.367342 s total, 2398.206122 s avg, 1635.656901 s to 3269.692319 s max
Lock Time (s) : 13.918 ms total, 217 <B5>s avg, 39 <B5>s to 3.076 ms max  (0.00%)
  95% of Lock : 6.909 ms total, 115 <B5>s avg, 39 <B5>s to 1.026 ms max
Rows sent     : 1 avg, 1 to 1 max  (0.00%)
Rows examined : 817 avg, 817 to 817 max  (0.00%)
Database      : 
Users         : 
        hostname and IP address : 100.00% (64) of query, 87.12% (106190) of all users

Query abstract:
SET timestamp=N; SELECT COUNT(*) AS total FROM new_forum_topics WHERE status = N AND forum_id = N AND sleep(N) AND posts_count > N ORDER BY inserted ASC;

Query sample:
SET timestamp=1344768385;
SELECT count(*) as total
            FROM `new_forum_topics`
            WHERE `status` = 1
                AND `forum_id` = 6 and sleep(2) 
                AND `posts_count` > 0
            ORDER BY `inserted` ASC;

但在代码中查询看起来像

$sql = "SELECT count(*) as total
            FROM `new_forum_topics`
            WHERE `status` = ".intval($this->STATUS_ACTIVE)."
                AND `forum_id` = ".intval($forum_id)."
                AND `posts_count` > 0
            ORDER BY `inserted` ASC;";
4

1 回答 1

0

您正在运行的应用程序中很可能存在 SQL 注入漏洞。没有细节,我们无法确定它是什么。

于 2012-12-04T07:26:07.553 回答