学生成绩系统设计及攻击方法探讨

AbstractThe student performance system is an OA office system commonly usedat all levels of schools.It has the functions of publishing student results andmanaging students.Most of the current student performance systems exist inthe form of WEB sites and are vulnerable to attacks such as SQL injection,XSS,and unauthorized access.This article takes the student performancesystem as the representative of the OA office system,through the design andimplementation of the student performance system,understand thetechnology and system composition used in the development system,andstudy the vulnerable threat points in such office systems.Using commonWEB attack methods,try to reproduce the attack on the realized studentscore system,find a feasible attack plan,and repair the loopholes in thesystem to achieve the effect of improving the safety performance of thestudent score system.Keywords:WEB attack;Office system;Java development