Web漏洞處理——HTTP Host頭攻擊漏洞處理方案／檢測到目標URL存在寬位元組跨站漏洞／檢測到目標URL存在SQL注入漏洞
阿新 • • 發佈:2018-12-17
1. 配置 Web 攔截器
<!-- Registers the filter under the name XssSqlFilter; filter-class must be the
     fully-qualified name of the Filter implementation. The mapping below applies
     it to every request path in the web application. -->
<filter>
    <filter-name>XssSqlFilter</filter-name>
    <filter-class>com.enation.eop.SessionFilter</filter-class>
</filter>
<filter-mapping>
    <filter-name>XssSqlFilter</filter-name>
    <url-pattern>/*</url-pattern>
</filter-mapping>
2. 攔截器程式碼
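package com.enation.eop;

import java.io.IOException;
import java.util.Arrays;
import java.util.Collections;
import java.util.HashMap;
import java.util.HashSet;
import java.util.Locale;
import java.util.Map;
import java.util.Set;

import javax.servlet.Filter;
import javax.servlet.FilterChain;
import javax.servlet.FilterConfig;
import javax.servlet.ServletException;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletRequestWrapper;
import javax.servlet.http.HttpServletResponse;

import org.apache.commons.lang.StringUtils;
import org.apache.log4j.Logger;

/**
 * Servlet filter that (1) rejects requests whose {@code Host} header is not on the
 * allow-list, (2) rejects requests whose servlet path/query string or full URL contains
 * a fragment from a small deny-list, and (3) hands the application a request view whose
 * parameter values have had those fragments stripped.
 *
 * <p>This is a coarse deny-list and only a defence-in-depth layer: SQL injection is
 * prevented by parameterised queries and XSS by output encoding, not by this filter.
 *
 * <p>Allowed hosts are read from the {@code allowedHosts} init-param (comma separated,
 * {@code host} or {@code host:port}, compared case-insensitively). When the init-param
 * is absent the {@link #DEFAULT_ALLOWED_HOSTS} placeholders are used; they MUST be
 * replaced with the real deployment hosts.
 *
 * <p>Request details (path, query string, method) are logged at DEBUG only, because
 * query strings and parameter values may carry credentials or session tokens.
 */
public class SessionFilter implements Filter {

    private static final Logger log = Logger.getLogger(SessionFilter.class);

    /** Name of the init-param holding the comma separated Host allow-list. */
    static final String ALLOWED_HOSTS_PARAM = "allowedHosts";

    /** Placeholder allow-list used when no init-param is configured; replace before deployment. */
    static final Set<String> DEFAULT_ALLOWED_HOSTS = Collections.unmodifiableSet(
            new HashSet<String>(Arrays.asList("xx.xx.xxx.xxx:xxxx", "xx.xx.xxx.xxx")));

    /** Literal fragments removed from parameter values by {@link #guolv(String)}. */
    private static final String[] STRIPPED_FRAGMENTS = {
        "%22", "%27", "%3E", "%3e", "%3C", "%3c",
        "<", ">", "\"", "'", "+", "(", ")",
        " and ", " or ", " 1=1 "
    };

    /**
     * Literal fragments that cause the whole request to be rejected by
     * {@link #guolv2(String)}. Note that {@code "%27"} is excluded from this list
     * (it was commented out) while {@code "1=1"} is matched without surrounding spaces.
     */
    private static final String[] REJECTED_FRAGMENTS = {
        "%22", "%3E", "%3e", "%3C", "%3c",
        "<", ">", "\"", "'", "+",
        " and ", " or ", "1=1", "(", ")"
    };

    /** Lower-cased Host allow-list; resolved in {@link #init(FilterConfig)}. */
    private Set<String> allowedHosts = normaliseHosts(DEFAULT_ALLOWED_HOSTS);

    /**
     * Resolves the Host allow-list from the {@code allowedHosts} init-param, falling
     * back to {@link #DEFAULT_ALLOWED_HOSTS} (with a warning) when it is absent or blank.
     *
     * @param filterConfig container-supplied configuration; may be {@code null}
     */
    public void init(FilterConfig filterConfig) throws ServletException {
        String configured = filterConfig == null ? null : filterConfig.getInitParameter(ALLOWED_HOSTS_PARAM);
        Set<String> hosts = new HashSet<String>();
        if (StringUtils.isNotBlank(configured)) {
            for (String host : configured.split(",")) {
                if (StringUtils.isNotBlank(host)) {
                    hosts.add(host.trim());
                }
            }
        }
        if (hosts.isEmpty()) {
            log.warn("No '" + ALLOWED_HOSTS_PARAM + "' init-param configured; using placeholder host allow-list");
            hosts.addAll(DEFAULT_ALLOWED_HOSTS);
        }
        allowedHosts = normaliseHosts(hosts);
    }

    public void destroy() {
    }

    /**
     * Applies the Host check, then the URL deny-list check, then forwards a
     * parameter-sanitised view of the request down the chain.
     *
     * <p>A request with an unknown Host gets a plain 403: a redirect to a relative path
     * is resolved by the container against the request's Host header, so redirecting
     * would echo the untrusted host back in the {@code Location} header.
     *
     * @throws IOException      propagated from the response or the chain
     * @throws ServletException propagated from the chain
     */
    public void doFilter(ServletRequest servletRequest, ServletResponse servletResponse, FilterChain filterChain)
            throws IOException, ServletException {
        HttpServletRequest request = (HttpServletRequest) servletRequest;
        HttpServletResponse response = (HttpServletResponse) servletResponse;

        String requestStr = getRequestString(request);
        String requestUrl = request.getRequestURL().toString();
        if (log.isDebugEnabled()) {
            log.debug("requestStr: ======================== " + requestStr);
            log.debug("完整的地址是====" + requestUrl);
            log.debug("提交的方式是========" + request.getMethod());
        }

        // Host check first so that any later redirect is built on a validated host.
        String host = request.getHeader("host");
        if (!isAllowedHost(host)) {
            log.info("======訪問host非法,已攔截======其非法host為:" + host);
            response.sendError(HttpServletResponse.SC_FORBIDDEN);
            return;
        }

        if (containsRejectedFragment(requestStr) || containsRejectedFragment(requestUrl)) {
            log.info("======訪問地址發現非法字元,已攔截======其非法地址為:" + requestUrl);
            response.sendRedirect(request.getContextPath() + "/login.jsp");
            return;
        }

        // The Servlet API documents getParameterMap() as immutable and containers may hand
        // out copies of the value arrays, so writing sanitised values back into those
        // arrays is not guaranteed to reach the application. A wrapper is.
        filterChain.doFilter(new SanitizedRequest(request), servletResponse);
    }

    /**
     * Removes every fragment in {@link #STRIPPED_FRAGMENTS} from a parameter value.
     * Fragments are matched literally, left to right, one fragment after another.
     *
     * @param a raw parameter value; {@code null} is returned unchanged
     * @return the value with all listed fragments removed
     */
    public static String guolv(String a) {
        if (a == null) {
            return null;
        }
        String cleaned = a;
        for (String fragment : STRIPPED_FRAGMENTS) {
            cleaned = cleaned.replace(fragment, "");
        }
        return cleaned;
    }

    /**
     * Legacy deny-list probe kept for compatibility: returns the sentinel {@code "bingo"}
     * when {@code a} contains any fragment of {@link #REJECTED_FRAGMENTS}, otherwise
     * returns {@code a} unchanged (including {@code null} and the empty string).
     *
     * @param a servlet path/query string or full URL to inspect
     * @return {@code "bingo"} on a hit, else {@code a}
     */
    public String guolv2(String a) {
        return containsRejectedFragment(a) ? "bingo" : a;
    }

    /** True when {@code value} is non-empty and contains a fragment from {@link #REJECTED_FRAGMENTS}. */
    private static boolean containsRejectedFragment(String value) {
        if (StringUtils.isEmpty(value)) {
            return false;
        }
        for (String fragment : REJECTED_FRAGMENTS) {
            if (value.contains(fragment)) {
                return true;
            }
        }
        return false;
    }

    /** True when the (possibly {@code null}) Host header value is on the allow-list. */
    private boolean isAllowedHost(String host) {
        return host != null && allowedHosts.contains(host.trim().toLowerCase(Locale.ROOT));
    }

    /** Trims and lower-cases every host (Host values are case-insensitive) into an unmodifiable set. */
    private static Set<String> normaliseHosts(Set<String> hosts) {
        Set<String> result = new HashSet<String>();
        for (String host : hosts) {
            result.add(host.trim().toLowerCase(Locale.ROOT));
        }
        return Collections.unmodifiableSet(result);
    }

    /** Servlet path plus {@code ?query} when a query string is present. */
    private String getRequestString(HttpServletRequest req) {
        String requestPath = req.getServletPath();
        String queryString = req.getQueryString();
        return queryString == null ? requestPath : requestPath + "?" + queryString;
    }

    /**
     * Request view whose parameter accessors return values passed through
     * {@link SessionFilter#guolv(String)}. Values are sanitised once, eagerly, in the
     * constructor; the wrapped request is otherwise untouched.
     */
    private static final class SanitizedRequest extends HttpServletRequestWrapper {

        private final Map<String, String[]> sanitizedParameters;

        SanitizedRequest(HttpServletRequest request) {
            super(request);
            Map<String, String[]> cleaned = new HashMap<String, String[]>();
            @SuppressWarnings("unchecked") // pre-3.0 Servlet API declares the raw Map; values are String[] by spec
            Map<String, String[]> raw = request.getParameterMap();
            if (raw != null) {
                for (Map.Entry<String, String[]> entry : raw.entrySet()) {
                    String[] values = entry.getValue();
                    String[] copy = new String[values.length];
                    for (int i = 0; i < values.length; i++) {
                        copy[i] = guolv(values[i]);
                    }
                    cleaned.put(entry.getKey(), copy);
                }
            }
            sanitizedParameters = Collections.unmodifiableMap(cleaned);
        }

        @Override
        public String getParameter(String name) {
            String[] values = sanitizedParameters.get(name);
            return values == null || values.length == 0 ? null : values[0];
        }

        @Override
        public String[] getParameterValues(String name) {
            String[] values = sanitizedParameters.get(name);
            // clone so callers cannot alter the sanitised values seen by later code
            return values == null ? null : values.clone();
        }

        @Override
        public Map<String, String[]> getParameterMap() {
            return sanitizedParameters;
        }
    }
}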