SQL INJECTION VULNERABILITY DETECTION METHOD, APPARATUS AND DEVICE, AND READABLE STORAGE MEDIUM

Abstract

An SQL injection vulnerability detection method, apparatus and device, and a readable storage medium, the method comprising the steps of: determining a detection point of a uniform resource locator (URL) request for a website to be tested after obtaining the URL request, and constructing a sequence request for Boolean logic parameters corresponding to the detection point (S10); acquiring response pages obtained after executing the URL request and the sequence request, and performing similarity analysis on the response pages to obtain a similarity value between the response page corresponding to the URL request and a response page corresponding to each request in the sequence request (S20); and if the similarity value satisfies a preset condition, determining that an SQL injection vulnerability exists in the URL request (S30). With the present method, whether the SQL injection vulnerability exists in the URL request or not is determined according to the similarity between the response pages, and the accuracy rate of detecting SQL injection vulnerability is thus improved.
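The similarity decision in steps S20 and S30, sketched as an added example (not code from the patent): the response pages are constructed samples, and the 0.95/0.80 thresholds, the tag-stripping normalization and all function names are assumptions, since the abstract does not state the preset condition.

```python
from difflib import SequenceMatcher
import re

TAG = re.compile(r"<[^>]+>")

def visible_text(html):
    # Drop markup and collapse whitespace so layout noise does not skew the score.
    return " ".join(TAG.sub(" ", html).split())

def similarity(page_a, page_b):
    # autojunk=False keeps the ratio stable on long pages.
    return SequenceMatcher(None, visible_text(page_a), visible_text(page_b),
                           autojunk=False).ratio()

def assess(baseline, sequence, high=0.95, low=0.80):
    """sequence: (condition_is_true, response_html) for each Boolean request.
    Assumed preset condition: every always-true variant scores >= high against
    the baseline page and every always-false variant scores <= low."""
    scores = [(truth, similarity(baseline, html)) for truth, html in sequence]
    trues = [s for truth, s in scores if truth]
    falses = [s for truth, s in scores if not truth]
    flagged = bool(trues and falses) and min(trues) >= high and max(falses) <= low
    return flagged, scores

def page(*parts):
    # Helper that builds a constructed sample response (no real site involved).
    return "<html><body>" + "".join(f"<p>{p}</p>" for p in parts) + "</body></html>"

ORDER = ("Order 1042", "Status: shipped", "Items: 3", "Carrier: example post")
BASELINE = page(*ORDER, "Rendered at 10:15:02")
SAME_DATA = page(*ORDER, "Rendered at 10:15:03")   # only the timestamp differs
NOT_FOUND = page("Order not found", "Rendered at 10:15:04")

# Output follows the Boolean condition: the pattern the method flags.
CONDITION_FOLLOWS = [(True, SAME_DATA), (False, NOT_FOUND)]
# Whole parameter treated as data (e.g. a parameterized query): both variants miss.
TREATED_AS_DATA = [(True, NOT_FOUND), (False, NOT_FOUND)]
# Suffix discarded by input validation: both variants look like the baseline.
SUFFIX_IGNORED = [(True, SAME_DATA), (False, SAME_DATA)]

if __name__ == "__main__":
    for name, seq in [("condition follows", CONDITION_FOLLOWS),
                      ("treated as data", TREATED_AS_DATA),
                      ("suffix ignored", SUFFIX_IGNORED)]:
        flagged, scores = assess(BASELINE, seq)
        print(name, flagged, [(t, round(s, 3)) for t, s in scores])
```

Pages with heavy per-request variation (ads, tokens, timestamps) need stronger normalization than tag stripping before the thresholds mean anything.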

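Bibliographic details

  • Publication number: WO2020073493A1

    Patent type:

  • Publication date: 2020-04-16

    Original format: PDF

  • Applicant/Patentee: PING AN TECHNOLOGY(SHENZHEN)CO. LTD.;

    Application number: WO2018CN122811

  • Inventor: HE SHUANGNING;

    Filing date: 2018-12-21

  • Classification: G06F21/57;

  • Country: WO

  • Date added to database: 2022-08-21 11:12:03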
