Can I use elseif with preg_match in PHP?

Time: 2011-07-12 05:20:13

Tags: php preg-match sql-injection

So, I'm building a vulnerability scanner for SQLi that tests individual websites as a kind of free online service.

Anyway, I'm trying to check whether the text commonly returned by vulnerable sites comes back when I scan them, and I'm using preg_match to do that:

          if(preg_match("You have an error in your SQL','Division by zero in|supplied argument is not a valid MySQL result resource in|Call to a member function','Microsoft JET Database|ODBC Microsoft Access Driver|Microsoft OLE DB Provider for SQL Server|Unclosed quotation mark|Microsoft OLE DB Provider for Oracle|Incorrect syntax near|SQL query failed", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
            echo "Its vulnerable";
          } elseif(preg_match("mysql_num_rows()"||"mysql_fetch_array()"||"Error Occured While Processing Request"||"error"in"your"sql"syntax"||"mysql_fetch_row()"||"VBScript Runtime"||"BOF or EOF"||"mysql_fetch_object()"||"Invalid Querystring", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
            echo "Its vulnerable";
          } else {
            echo "Its not vulnerable";
            flush(); ob_flush();
          }

Anyway, when I run it, I get an error:

Parse error: syntax error, unexpected T_STRING in C:\xampp\htdocs\scanner\index.php on line 78

In this case the code the error points to (line 78) is the elseif; this is the whole of line 78:

} elseif(preg_match("mysql_num_rows()"||"mysql_fetch_array()"||"Error Occured While Processing Request"||"error"in"your"sql"syntax"||"mysql_fetch_row()"||"VBScript Runtime"||"BOF or EOF"||"mysql_fetch_object()"||"Invalid Querystring", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {

So, what am I doing wrong?

2 answers:

Answer 0 (score: 1)

First, preg_match() takes a regular expression, not plain text, so you (probably) need delimiters.

  • The first argument specifies what you are searching for
  • The second argument specifies what you are searching in

So, corrected, your line should be:

} elseif(preg_match("/(mysql_num_rows\(\)|mysql_fetch_array\(\)|Error Occured While Processing Request|error in your sql syntax|mysql_fetch_row\(\)|VBScript Runtime|BOF or EOF|mysql_fetch_object\(\)|Invalid Querystring)/i", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {
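As an added example (not code from the question or either answer), here is how the same list of error fragments can be turned into one preg_match() pattern with preg_quote(), so the parentheses in names like mysql_num_rows() are escaped automatically and a failed regex compile is not mistaken for "no match". It assumes PHP 8 and uses constructed sample response bodies in place of the question's Connect_Host() call.

```php
<?php
// Added example: build the error-signature pattern from a plain list
// instead of hand-writing the regex, and report which fragment matched.

/** Error-message fragments, taken from the list in the question. */
const SQL_ERROR_SIGNATURES = [
    'You have an error in your SQL',
    'Division by zero in',
    'supplied argument is not a valid MySQL result resource in',
    'Microsoft OLE DB Provider for SQL Server',
    'Unclosed quotation mark',
    'Incorrect syntax near',
    'mysql_num_rows()',
    'mysql_fetch_array()',
    'error in your sql syntax',
    'Invalid Querystring',
];

/**
 * Return the first signature found in $body, or null if none is present.
 * "/" is the delimiter, so it is also passed to preg_quote() for escaping.
 */
function find_sql_error_signature(string $body): ?string
{
    $alternation = implode('|', array_map(
        fn(string $s): string => preg_quote($s, '/'),
        SQL_ERROR_SIGNATURES
    ));
    $pattern = '/(' . $alternation . ')/i';

    $result = preg_match($pattern, $body, $matches);
    if ($result === false) {
        // preg_match() returns false on a bad pattern or PCRE error,
        // which must not be treated as "not vulnerable".
        throw new RuntimeException('preg_match failed: ' . preg_last_error_msg());
    }
    return $result === 1 ? $matches[1] : null;
}

// Constructed sample response bodies (not real sites).
$errorPage = "<html><body>Warning: mysql_num_rows(): supplied argument ...</body></html>";
$cleanPage = "<html><body>Welcome to the product catalogue.</body></html>";

var_dump(find_sql_error_signature($errorPage));
var_dump(find_sql_error_signature($cleanPage));
```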

Answer 1 (score: 0)

Use this on line 78:

} elseif(preg_match("/(mysql_num_rows\(\)|mysql_fetch_array\(\)|Error Occured While Processing Request|error in your sql syntax|mysql_fetch_row\(\)|VBScript Runtime|BOF or EOF|mysql_fetch_object\(\)|Invalid Querystring)/i", Connect_Host(str_replace("=", "='", $sites[2][$a])))) {