使用JavaDB和netbeans进行硬编码。我写了一个简单的表,然后我写了一个简单的java程序来运行并连接到数据库,代码似乎运行良好。我有目的地使用用户名/密码对数据库进行了硬编码。写了一段代码,真棒。我正在使用终端和javap -c,使用DriverManager.getConnection(url,“username”,“password。”); o读取所有文件,我希望这被认为是硬编码的黑客攻击,我需要一种方法来缓解它,或者修补它。我在看Argon2 for java,但还是无法理解它。这些是运行代码,连接,数据库的图片,在终端我运行javap -c,它让我输出用户名/密码信息,我怎么能阻止。另外我在NB tjat中安装了一个调试插件,工作过一次就像javap一样,但它只运行一次。如果有人可以帮助我或不同类型的缓解 - 补丁我真的很感激它。 主要代码例外: import java.sql.SQLException;
public class HardCodeMitigation {
public static void main(String[] args) throws SQLException {
// TODO code application logic here
abc a1 = new abc();
}
}
Second code w/DriverMan with passwords Hard-coded
import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;
class abc {
public abc() throws SQLException {
Connection conn = DriverManager.getConnection("jdbc:derby://localhost:1527/IT_Entity", "cain", "cain");
System.out.println("Connection Created");
}
}
Javap - c showing passwords: Chads - MacBook - Pro: ~chadbyars$ cd / Users / chadbyars / NetBeansProjects / hardcodemitigation / src
Chads - MacBook - Pro: src chadbyars$ javac abc.java
Chads - MacBook - Pro: src chadbyars$ java abc
Error: Main method not found in class abc, please define the main method as:
public static void main(String[] args)
or a JavaFX application class must extend javafx.application.Application
Chads - MacBook - Pro: src chadbyars$ javap - c abc
Compiled from "abc.java"
class abc {
public abc() throws java.sql.SQLException;
Code:
0: aload_0
1: invokespecial #1 // Method java/lang/Object."<init>":()V
4: ldc # 2 // String jdbc:derby://localhost:1527/IT_Entity
6: ldc #3 // String cain
8: ldc # 3 // String cain
10: invokestatic #4 // Method java/sql/DriverManager.getConnection:(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/sql/Connection;
13: astore_1
14: getstatic # 5 // Field java/lang/System.out:Ljava/io/PrintStream;
17: ldc #6 // String Connection Created
19: invokevirtual # 7 // Method java/io/PrintStream.println:(Ljava/lang/String;)V
22: return
}
Chads - MacBook - Pro: src chadbyars$