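Application exception monitoring
Database exception monitoring
During the probing phase of SQL injection, or the attack phase of error-based injection, a large number of exceptions are usually generated in the database. Monitoring these exceptions is therefore an effective way to detect SQL injection attacks. All databases we currently support can be monitored for SQL exceptions, and the exception codes can be configured in the plugin.
The SQL exceptions monitored by default in the plugin are listed below. For details, see the sql_exception detection algorithm in the official plugin.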
MySQL
1060: Duplicate column name '5.5.60-0ubuntu0.14.04.1'
1062: Duplicate entry '::root@localhost::1' for key 'group_key'
1064: You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ') from mysql.user' at line 1
1105: XPATH syntax error: 'root@localhost'
1367: Illegal non geometric 'user()' value found during parsing
PostgreSQL
42601: normal syntax error
22P02: ERROR: invalid input syntax for type double precision: "DATABASE: test1"
SQLite
1: generic error, such as a syntax error or malformed MATCH expression: ["3.6.23.1], and others
Oracle
ORA-01740: missing double quote in identifier
ORA-01756: quoted string not properly terminated
ORA-00907: missing right parenthesis
HSQL
-5583: malformed quoted identifier
-5590: unexpected end of statement
SQLServer
105: Unclosed quotation mark after the character string '%.*ls'.
245: Conversion failed when converting the %ls value '%.*ls' to data type %ls.
DB2
42603: The string constant beginning with "'xxx" does not have an ending string
FAQ
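1. "Unable to derive error code from SQL exceptions" error
When the MySQL server and the JDBC driver are incompatible, we cannot extract the SQL error code from the exception message, and this error is printed. For example, JDBC 5.1.46 + MySQL 5.5 triggers this problem. Consider upgrading the JDBC driver to the matching version to resolve it.
This error causes database exception monitoring to stop working.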
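The check described above, together with the FAQ failure mode, as an added example in JavaScript (not OpenRASP's plugin code): exceptions are matched against the default codes listed on this page, and an exception whose error code could not be extracted is counted as a blind spot instead of being dropped. The server keys, event fields and function names are assumptions made for illustration.

```javascript
// Added example, not OpenRASP plugin code; all names here are hypothetical.
// Codes are the defaults listed on this page, keyed by assumed server names.
const MONITORED_CODES = {
  mysql: [1060, 1062, 1064, 1105, 1367],
  pgsql: ['42601', '22P02'],
  sqlite: [1],
  oracle: ['ORA-01740', 'ORA-01756', 'ORA-00907'],
  hsql: [-5583, -5590],
  sqlserver: [105, 245],
  db2: ['42603'],
};

// Compare codes as upper-case strings so 1064 and "1064" match.
const norm = (c) =>
  c === null || c === undefined || c === '' ? null : String(c).trim().toUpperCase();

// Classify one exception: 'alert', 'ignore', 'blind' or 'unsupported'.
function checkSqlException(event, table = MONITORED_CODES) {
  const codes = table[String(event.server).toLowerCase()];
  if (!Array.isArray(codes)) return 'unsupported';
  const code = norm(event.errorCode);
  // No code could be extracted (the FAQ case): monitoring is blind here,
  // so surface it instead of silently treating the exception as benign.
  if (code === null) return 'blind';
  return codes.some((c) => norm(c) === code) ? 'alert' : 'ignore';
}

// Tally verdicts over a batch so a non-zero 'blind' count is visible.
function triage(events, table = MONITORED_CODES) {
  const out = { alert: [], ignore: 0, blind: 0, unsupported: 0 };
  for (const e of events) {
    const verdict = checkSqlException(e, table);
    if (verdict === 'alert') out.alert.push(`${e.server}:${e.errorCode}`);
    else out[verdict] += 1;
  }
  return out;
}

// Constructed sample events; the first message is taken from the list above.
const SAMPLE_EVENTS = [
  { server: 'mysql', errorCode: 1105, message: "XPATH syntax error: 'root@localhost'" },
  { server: 'pgsql', errorCode: '22P02', message: 'invalid input syntax (constructed)' },
  { server: 'sqlserver', errorCode: 245, message: 'Conversion failed (constructed)' },
  { server: 'mysql', errorCode: 1045, message: 'Access denied (constructed, not monitored)' },
  { server: 'mysql', errorCode: null, message: 'code could not be derived (constructed)' },
];

console.log(triage(SAMPLE_EVENTS));
```

A non-zero `blind` count corresponds to the situation in FAQ item 1, where the error code cannot be extracted and monitoring is ineffective.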