From 11dcfdb169e0aa9df1a7ce07eefa3b0c41d13277 Mon Sep 17 00:00:00 2001
From: AISimonova <125862782+AISimonova@users.noreply.github.com>
Date: Mon, 24 Jul 2023 15:08:13 +0300
Subject: [PATCH] Create Examples
---
Examples | 104 +++++++++++++++++++++++++++++++++++++++++++++++++++++++
1 file changed, 104 insertions(+)
create mode 100644 Examples
diff --git a/Examples b/Examples
new file mode 100644
index 000000000..e53b06cf9
--- /dev/null
+++ b/Examples
@@ -0,0 +1,104 @@
+using NUnit.Framework;
+using profdepo_server.Extensions;
+
+namespace Test_RemoveSqlInjections
+{
+ public class RemoveSqlInjections
+ {
+ [SetUp]
+ public void Setup()
+ {
+ }
+
+ // 1. Проверка удаления простых SQL-инъекций.
+ [TestCase("INSERT INTO Users VALUES ('John', 'Doe');", "")]
+ [TestCase("delete from Orders where UserId = 5;", "")]
+ [TestCase("DROP TABLE Customers;", "")]
+ [TestCase("SELECT * FROM Products;", "")]
+ [TestCase("", "")]
+ [TestCase("SELECT * FROM Users WHERE Name = 'John';", "")]
+ [TestCase("INSERT INTO Log (Message) VALUES ('Test');", "")]
+ [TestCase("DELETE FROM Products WHERE Category = 'Books';", "")]
+ [TestCase("DROP DATABASE Test;", "")]
+ [TestCase("SELECT * FROM Customers;", "")]
+ [TestCase("UPDATE Users SET Name = 'John' WHERE Id = 1;", "")]
+ [TestCase("INSERT INTO Orders (ProductId, Quantity) VALUES (1, 10);", "")]
+ [TestCase("DELETE FROM Customers WHERE Country = 'USA';", "")]
+ [TestCase("ALTER TABLE Products ADD COLUMN Price decimal(10,2);", "")]
+ [TestCase("SELECT COUNT(*) FROM Orders;", "")]
+ [TestCase("SELECT * FROM Products WHERE Price > 100;", "")]
+ [TestCase("CREATE TABLE Employees (Id int, Name varchar(50));", "")]
+ [TestCase("SELECT AVG(Salary) FROM Employees WHERE Department = 'Sales';", "")]
+
+ // 2. Проверка защиты от UNION SQL-инъекций.
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' UNION SELECT * FROM Users;", "")]
+ [TestCase("SELECT * FROM Products UNION SELECT * FROM Users;", "")]
+ [TestCase("SELECT * FROM Products WHERE Price > 100 UNION SELECT * FROM Users WHERE 1=1--;", "")]
+ [TestCase("SELECT * FROM Customers UNION SELECT * FROM Users WHERE 1=0--;", "")]
+ [TestCase("SELECT * FROM Products; SELECT * FROM Users UNION SELECT * FROM Log;", "")]
+ [TestCase("SELECT * FROM Orders; DELETE FROM Customers UNION SELECT * FROM Users WHERE 1=1--;", "")]
+
+ // 3. Проверка защиты от других SQL-инъекций.
+ [TestCase("'; SELECT * FROM Users; --", "")]
+ [TestCase("1; DROP TABLE Orders; --", "")]
+ [TestCase("UPDATE Products SET Price = 0 WHERE 1=1--;", "")]
+ [TestCase("update Users SET Password = 'hacked' WHERE 1=0--;", "")]
+ [TestCase("UPDATE Customers SET Contact = 'John' WHERE Country = 'USA' OR 1=1--;", "")]
+ [TestCase("UPDATE Orders SET Status = 'Shipped' WHERE Quantity > 10 OR 1=0--;", "")]
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' UNION SELECT * FROM Users WHERE 1=1--;", "")]
+ [TestCase("UPDATE Products SET Price = Price * 0.9 WHERE Category = 'Electronics' OR 1=1--;", "")]
+
+ // UNION SQL-инъекция с использованием подзапроса
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' UNION SELECT * FROM Users WHERE UserId = (SELECT UserId FROM Orders WHERE ProductId = 1);", "")]
+
+ // Использование временных таблиц
+ [TestCase("CREATE TABLE #TempTable (Id int, Name varchar(50)); INSERT INTO #TempTable VALUES (1, 'John'); SELECT * FROM #TempTable;", "")]
+
+ // BLIND SQL-инъекция
+ [TestCase("SELECT * FROM Users WHERE Id = 1; IF (1=1) WAITFOR DELAY '0:0:10'; --", "")]
+
+ // Многоуровневая SQL-инъекция
+ [TestCase("SELECT * FROM Products WHERE Category = (SELECT Category FROM Categories WHERE CategoryId = '1');", "")]
+
+ // Time-Based SQL-инъекция
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books'; WAITFOR DELAY '0:0:10'; --", "")]
+
+ // Error-Based SQL-инъекция
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' AND 1=CONVERT(int, (SELECT @@version)); --", "")]
+
+ // Boolean-Based SQL-инъекция
+ [TestCase("SELECT * FROM Users WHERE Id = 1 OR (SELECT COUNT(*) FROM Orders) > 0; --", "")]
+
+ // Out-of-Band SQL-инъекция
+ [TestCase("SELECT * FROM Products; EXEC xp_cmdshell('ping 10.10.10.10'); --", "")]
+
+ // Second-Order SQL-инъекция
+ [TestCase("INSERT INTO Orders (ProductId, Quantity) VALUES (1, 10); --", "")]
+
+ // Другие примеры SQL-инъекций (добавлены новые примеры):
+
+ // UNION SQL-инъекция с подменой возвращаемого количества столбцов
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' UNION SELECT UserId, UserName, Password FROM Users; --", "")]
+
+ // Error-Based SQL-инъекция с извлечением информации через ошибки
+ [TestCase("SELECT * FROM Products WHERE Category = 'Books' AND 1=(SELECT COUNT(*) FROM NonExistentTable); --", "")]
+
+ // Использование комментариев для обхода фильтров
+ [TestCase("SELECT * FROM Users WHERE Id = 1 /* AND IsActive = 1 */;", "")]
+
+ // Внедрение SQL-кода в числовых значениях
+ [TestCase("SELECT * FROM Products WHERE ProductId = 1 OR 1=1; --", "")]
+
+ // Использование обратных слешей для обхода фильтров
+ [TestCase("SELECT * FROM Users WHERE Name = 'John'\' OR 1=1;", "")]
+
+ // Использование Unicode-символов для обхода фильтров
+ [TestCase("SELECT * FROM Users WHERE Name = N'John' OR 1=1;", "")]
+
+ public void RemoveSqlInject(string input, string expectedOutput)
+ {
+ string value = ExtensionString.RemoveSqlInjections(input);
+ Assert.That(value, Is.EqualTo(expectedOutput));
+ }
+ }
+}
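Review bot: The new file is committed as `Examples` with no `.cs` extension (`create mode 100644 Examples`, `+++ b/Examples`), so if the test project uses the default SDK-style `**/*.cs` globbing this class is never compiled and none of these cases ever run; rename it to something like `RemoveSqlInjectionsTests.cs`. Every `[TestCase]` expects `""`, including the empty-string input, which means an implementation that unconditionally returns `string.Empty` passes the whole suite — add at least one benign input whose expected output is the input unchanged, and pin the actual sanitized output the function is meant to produce for the others instead of `""`. The case under "Использование обратных слешей" carries no backslash at runtime, because `\'` in a regular C# string literal is just an escaped single quote; write it as `@"SELECT * FROM Users WHERE Name = 'John'\' OR 1=1;"` so the input matches what the comment describes. Since stripping keywords from input is a blocklist and not a guarantee, a short header comment should state that `RemoveSqlInjections` is defence-in-depth next to parameterized queries rather than the primary control, and the empty `Setup()` method can be dropped.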