{"id":5867,"date":"2023-04-17T20:37:49","date_gmt":"2023-04-17T11:37:49","guid":{"rendered":"\/blog\/?p=5867"},"modified":"2023-09-21T09:26:21","modified_gmt":"2023-09-21T00:26:21","slug":"ssc-%ec%a4%91%eb%b3%b5-%ec%b7%a8%ec%95%bd%ec%a0%90-%ec%a0%9c%ea%b1%b0-mysql-%ec%bf%bc%eb%a6%ac","status":"publish","type":"post","link":"https:\/\/hasu0707.duckdns.org\/blog\/?p=5867","title":{"rendered":"[SSC] \uc911\ubcf5 \ucde8\uc57d\uc810 \uc81c\uac70 MySQL \ucffc\ub9ac"},"content":{"rendered":"\n<pre class=\"EnlighterJSRAW\" data-enlighter-language=\"sql\" data-enlighter-theme=\"\" data-enlighter-highlight=\"\" data-enlighter-linenumbers=\"\" data-enlighter-lineoffset=\"\" data-enlighter-title=\"\" data-enlighter-group=\"\">-- \ud3ec\ud2f0\ud30c\uc774 \uc911\ubcf5 \ucde8\uc57d\uc810 Suppress \ucc98\ub9ac \ucffc\ub9ac (MySQL \uc804\uc6a9)\n-- \uc0ac\uc6a9\ubc29\ubc95: (65535)\ub97c \uc911\ubcf5 \ucde8\uc57d\uc810\uc744 \uc81c\uac70\ud560 \uc560\ud50c\ub9ac\ucf00\uc774\uc158 \ubc88\ud638(PROJECTVERSION_ID)\ub85c \ubcc0\uacbd \ud6c4 \uc0ac\uc6a9\n-- \uc8fc\uc758: L1\uc5d0\ub294 PROJECTVERSION_ID \uc870\uac74\uc774 \uc5c6\uc5b4 \ub2e4\ub978 \uc560\ud50c\ub9ac\ucf00\uc774\uc158\uc758 \ucde8\uc57d\uc810\uacfc\ub3c4 \uc911\ubcf5 \ube44\uad50\ub428. \uc2e4\ud589 \uc804 \uc544\ub798 TEST#2 \ucffc\ub9ac\ub85c \ub300\uc0c1 \ud655\uc778\nUPDATE\n  ISSUE AS L1\n  INNER JOIN ISSUE L2 ON L1.ID &lt;> L2.ID\n    AND L1.ID &lt; L2.ID\n    AND L2.SUPPRESSED = 'N'\n    AND L2.PROJECTVERSION_ID IN (65535)\nSET\n  L2.REVISION = 1,\n  L2.AUDITED = 'N',\n  L2.AUDITEDTIME = NULL,\n  L2.SUPPRESSED = 'Y',\n  L2.ISSUESTATUS = 'Under Review',\n  L2.ISSUESTATE = 'Open Issue',\n  L2.USERNAME = NULL\nWHERE\n  L1.KINGDOM = L2.KINGDOM\n  AND L1.ISSUETYPE = L2.ISSUETYPE\n  AND L1.ISSUESUBTYPE = L2.ISSUESUBTYPE\n  AND L1.FRIORITY = L2.FRIORITY\n  AND L1.FILENAME = L2.FILENAME\n  AND L1.LINENUMBER = L2.LINENUMBER\n  AND L1.PACKAGENAME = L2.PACKAGENAME\n  AND L1.FUNCTIONNAME = L2.FUNCTIONNAME\n  AND L1.CLASSNAME = L2.CLASSNAME\n  AND L1.CATEGORY = L2.CATEGORY;\n\n--------------------------------------------------------\n-- \uc544\ub798\ub294 \ubaa8\ub450 \ud14c\uc2a4\ud2b8 \ucffc\ub9ac\n--------------------------------------------------------\n\n-- Low \ucde8\uc57d\uc810\uc744 \ubaa8\ub450 Suppress \ucc98\ub9ac\nUPDATE ISSUE SET 
SUPPRESSED='Y', ISSUESTATUS='Under Review', REVISION=1 WHERE PROJECTVERSION_ID IN (1) AND FRIORITY='Low';\n\n-- Low \ucde8\uc57d\uc810 Suppress \uc6d0\uc0c1\ubcf5\uad6c\nUPDATE ISSUE SET SUPPRESSED='N', ISSUESTATUS='Unreviewed', REVISION=0 WHERE PROJECTVERSION_ID IN (1);\nSELECT * FROM ISSUE WHERE SUPPRESSED='Y';\n\n-- \ubaa8\ub2c8\ud130\ub9c1\nSELECT ID, ISSUETYPE, ISSUESUBTYPE, FRIORITY, FILENAME, LINENUMBER, FUNCTIONNAME, SUPPRESSED FROM ISSUE ORDER BY FILENAME,ISSUESUBTYPE, ID ASC;\n\n-- TEST#2\nSELECT\n  L2.ID,\n  L2.PROJECTVERSION_ID,\n  L2.KINGDOM,\n  L2.ISSUETYPE,\n  L2.ISSUESUBTYPE,\n  L2.FRIORITY,\n  L2.FILENAME,\n  L1.LINENUMBER,\n  L2.LINENUMBER\nFROM\n  ISSUE AS L1\n  INNER JOIN ISSUE L2 ON L1.ID &lt;> L2.ID AND L1.ID &lt; L2.ID AND L2.SUPPRESSED = 'N' AND L2.PROJECTVERSION_ID IN (1)\nWHERE\n  L1.KINGDOM = L2.KINGDOM\n  AND L1.ISSUETYPE = L2.ISSUETYPE\n  AND L1.ISSUESUBTYPE = L2.ISSUESUBTYPE\n  AND L1.FRIORITY = L2.FRIORITY\n  AND L1.FILENAME = L2.FILENAME\n  AND L1.LINENUMBER = L2.LINENUMBER\n  AND L1.PACKAGENAME = L2.PACKAGENAME\n  AND L1.FUNCTIONNAME = L2.FUNCTIONNAME\n  AND L1.CLASSNAME = L2.CLASSNAME\n  AND L1.CATEGORY = L2.CATEGORY;\n\n-------------------------------------\n\nSELECT FILENAME FROM (SELECT MIN(ID) FROM ISSUE GROUP BY FILENAME HAVING COUNT(*) > 1) AS S;\n\n\nUPDATE ISSUE SET SUPPRESSED='Y' WHERE PROJECTVERSION_ID IN (1) AND FILENAME='JavaSource\/org\/owasp\/webgoat\/lessons\/SQLInjection\/Login.java';\n\nSELECT ID, FILENAME, SUPPRESSED FROM ISSUE WHERE FILENAME='JavaSource\/org\/owasp\/webgoat\/lessons\/SQLInjection\/Login.java';\n\n\n\nSELECT ID, FILENAME, SUPPRESSED FROM ISSUE WHERE SUPPRESSED='Y';\n\nSELECT ID, ISSUETYPE, ISSUESUBTYPE, FRIORITY, SUPPRESSED FROM ISSUE WHERE PROJECTVERSION_ID IN (1) AND FILENAME='JavaSource\/org\/owasp\/webgoat\/lessons\/HtmlClues.java' AND LINENUMBER=63;\n\nSELECT * FROM ISSUE WHERE FILENAME = 'JavaSource\/org\/owasp\/webgoat\/lessons\/HtmlClues.java'  AND LINENUMBER = 83;\n\nSELECT * FROM ISSUE 
WHERE PROJECTVERSION_ID IN (1) AND id=82149;\n\nfile:JavaSource\/org\/owasp\/webgoat\/lessons\/HtmlClues.java\nsuppressed:true\n\n\nKINGDOM, ISSUETYPE, ISSUESUBTYPE, LINENUMBER, FRIORITY\n\n-- \ud14c\uc2a4\ud2b8 ROW \uac80\uc0c9\nSELECT ID, FILENAME, SUPPRESSED FROM ISSUE WHERE filename = \"WebContent\/main1.jsp\";\nSELECT ID, FILENAME, SUPPRESSED FROM ISSUE WHERE SUPPRESSED='Y';\n\n-- ROW \ubcf5\uc0ac\ubcf8 \ub9cc\ub4e4\uae30\nINSERT INTO issue\n            (remediationconstant,\n             projectversion_id,\n             issueinstanceid,\n             filename,\n             shortfilename,\n             severity,\n             ruleguid,\n             confidence,\n             kingdom,\n             issuetype,\n             issuesubtype,\n             analyzer,\n             linenumber,\n             taintflag,\n             packagename,\n             functionname,\n             classname,\n             issueabstract,\n             friority,\n             enginetype,\n             scanstatus,\n             audienceset,\n             lastscan_id,\n             replacestore,\n             snippetid,\n             url,\n             category,\n             source,\n             sourcecontext,\n             sourcefile,\n             sink,\n             sinkcontext,\n             username,\n             objectversion,\n             revision,\n             audited,\n             auditedtime,\n             suppressed,\n             issuestatus,\n             issuestate,\n             findingguid,\n             dynamicconfidence,\n             hidden,\n             likelihood,\n             impact,\n             accuracy,\n             rtacovered,\n             probability,\n             folder_id,\n             founddate,\n             removeddate,\n             requestidentifier,\n             requestheader,\n             requestparameter,\n             requestbody,\n             requestmethod,\n             cookie,\n             httpversion,\n             
attackpayload,\n             attacktype,\n             response,\n             triggerdefinition,\n             triggerstring,\n             triggerdisplaytext,\n             secondaryrequest,\n             sourceline,\n             mappedcategory,\n             issuerecommendation,\n             correlated,\n             correlationsetguid,\n             enginepriority,\n             contextid,\n             bug_id,\n             attacktriggerdefinition,\n             vulnerableparameter,\n             reprostepdefinition,\n             stacktrace,\n             stacktracetriggerdisplaytext,\n             manual,\n             minvirtualcallconfidence)\nSELECT remediationconstant,\n       projectversion_id,\n       '07DC81F1724D3DD1F052EE4103000003',\n       filename,\n       shortfilename,\n       severity,\n       ruleguid,\n       confidence,\n       kingdom,\n       issuetype,\n       issuesubtype,\n       analyzer,\n       linenumber,\n       taintflag,\n       packagename,\n       functionname,\n       classname,\n       issueabstract,\n       friority,\n       enginetype,\n       scanstatus,\n       audienceset,\n       lastscan_id,\n       replacestore,\n       snippetid,\n       url,\n       category,\n       source,\n       sourcecontext,\n       sourcefile,\n       sink,\n       sinkcontext,\n       username,\n       objectversion,\n       revision,\n       audited,\n       auditedtime,\n       suppressed,\n       issuestatus,\n       issuestate,\n       findingguid,\n       dynamicconfidence,\n       hidden,\n       likelihood,\n       impact,\n       accuracy,\n       rtacovered,\n       probability,\n       folder_id,\n       founddate,\n       removeddate,\n       requestidentifier,\n       requestheader,\n       requestparameter,\n       requestbody,\n       requestmethod,\n       cookie,\n       httpversion,\n       attackpayload,\n       attacktype,\n       response,\n       triggerdefinition,\n       triggerstring,\n       triggerdisplaytext,\n  
     secondaryrequest,\n       sourceline,\n       mappedcategory,\n       issuerecommendation,\n       correlated,\n       correlationsetguid,\n       enginepriority,\n       contextid,\n       bug_id,\n       attacktriggerdefinition,\n       vulnerableparameter,\n       reprostepdefinition,\n       stacktrace,\n       stacktracetriggerdisplaytext,\n       manual,\n       minvirtualcallconfidence\nFROM   issue\nWHERE  issueinstanceid = \"0857E967144A3C48AF21E136E28DE988\";<\/pre>\n","protected":false},"excerpt":{"rendered":"","protected":false},"author":2,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"_import_markdown_pro_load_document_selector":0,"_import_markdown_pro_submit_text_textarea":"","site-sidebar-layout":"default","site-content-layout":"","ast-site-content-layout":"","site-content-style":"default","site-sidebar-style":"default","ast-global-header-display":"","ast-banner-title-visibility":"","ast-main-header-display":"","ast-hfb-above-header-display":"","ast-hfb-below-header-display":"","ast-hfb-mobile-header-display":"","site-post-title":"","ast-breadcrumbs-content":"","ast-featured-img":"","footer-sml-layout":"","theme-transparent-header-meta":"","adv-header-id-meta":"","stick-header-meta":"","header-above-stick-meta":"","header-main-stick-meta":"","header-below-stick-meta":"","astra-migrate-meta-layouts":"default","ast-page-background-enabled":"default","ast-page-background-meta":{"desktop":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"ast-content-background-meta":{"desktop":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"tablet":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""},"mobile":{"background-color":"var(--ast-global-color-5)","background-image":"","background-repeat":"repeat","background-position":"center 
center","background-size":"auto","background-attachment":"scroll","background-type":"","background-media":"","overlay-type":"","overlay-color":"","overlay-opacity":"","overlay-gradient":""}},"footnotes":""},"categories":[66,10],"tags":[],"class_list":["post-5867","post","type-post","status-publish","format-standard","hentry","category-computing_fortify","category-computing_database"],"_links":{"self":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5867","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5867"}],"version-history":[{"count":0,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=\/wp\/v2\/posts\/5867\/revisions"}],"wp:attachment":[{"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5867"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5867"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/hasu0707.duckdns.org\/blog\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5867"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}