SQL×¢Èë¼òµ¥ÔÀí·ÖÎö
SQL×¢Èë¼òµ¥·ÖÎö
ʾÀýÓï¾ä£º
select * from admintable where adminName like '%a%'
ÔÚ²éѯÖÐÎÒÃÇÒ»°ãÔÚaÕâ¸öµØ·½ÓɽçÃæ´«È벻ͬµÄÖµ£¬µ±ÎÒÃÇÔÚaÕâÀï´«ÈëµÄֵΪ“'”µ¥ÒýºÅʱ£¬Æ´´Õ³ÉµÄSQLÓï¾ä¾ÍÈçÏ£º
select * from admintable where adminName like '%'%'
Ö´ÐÐÕâ¾äÓï¾äÎÒÃǻᷢÏÖ³öÏÖÒÔÏÂÒì³££º
ÏûÏ¢ 105£¬¼¶±ð 15£¬×´Ì¬ 1£¬µÚ 1 ÐÐ
×Ö·û´® '
' ºóµÄÒýºÅ²»ÍêÕû¡£
ÏûÏ¢ 102£¬¼¶±ð 15£¬×´Ì¬ 1£¬µÚ 1 ÐÐ
'
' ¸½½üÓÐÓï·¨´íÎó¡£
ÒòΪµ¥ÒýºÅµÄ¼ÓÈëÊÇÔ±¾ÍêÕûµÄSQLÓï¾äÆ´´Õ²»ÔÙÍêÕû£¬Òò´Ëµ¼ÖÂÒÔÉÏÒì³£¡£
¶øÒ»°ãºÚ¿ÍÔÚ¼òµ¥µÄ³¢ÊÔ×¢Èëʱ£¬ÔÚ½çÃæµÄÊäÈë´¦£¨ÈçURLµÄ²ÎÊý£¬Îı¾¿òµÄÊäÈëµÈ£©Ö±½ÓÊäÈëµ¥ÒýºÅÀ´²âÊÔÊÇ·ñ»áÒý·¢SQLÒì³££¬¸ù¾ÝÒ³ÃæµÄ´íÎó´úÂëÕ¹ÏÖÀ´ÅжÏÊÇ·ñ´æÔÚSQL×¢È멶´£¬ÀýÈç»áÖ±½ÓÔÚÒ³ÃæÖгöÏÖSQLµÄÒì³£´úÂë»òÖ±½ÓÌøתµ½´íÎóÒ³Ãæ¡£µ±±»ÈÏΪ´æÔÚSQL×¢È멶´Ê±£¬ÄÇô½«²»ÔÙÊÇÊäÈëµ¥ÒýºÅÁË£¬¶øÊÇÊäÈëÏà¹ØµÄSQLÖ´ÐÐÓï¾ä¡£
ÓÚÊǵ±ÎÒÃÇ´«È벻ͬµÄÖµÀýÈç
' or 1=1 ;delete admintable where 1=1 or ''='
µÃµ½µÄSQLÓï¾ä¾ÍÈçÏ£º
select * from admintable where adminName like '%' or 1=1 ;delete admintable where 1=1 or ''='%'
¶øÕâ¾äSQLµÄÖ´ÐÐЧ¹û¾ÍÓÐÁ½¸ö£º
1¡¢select * from admintable where adminName like '%' or 1=1 ;
--²éѯadmintable
2¡¢delete admintable where 1=1 or ''='%'
--½«admintableÇå¿Õ
Ò²¾ÍÊÇ˵Èç¹û°Ñdelete admintable where 1=1 Õâ¾äSQLÀ©Õ¹Ð޸ĵĻ°£¬¿ÉÒÔÖ´ÐÐÔöɾ¸ÄµÈ²Ù×÷ÁË£¬ÀýÈçSQL2000ÖеÄXP_CMDShellÃüÁÄÜÖ±½ÓÖ´ÐÐCMDÃüÁį̂µÄCMDÃüÁÀ´ÊµÏÖÖ±½Ó¶Ô·þÎñÆ÷µÄ¿ØÖƵȡ£
ÖÁÓÚÈçºÎ±©Â¶³öÊý¾Ý¿âµÄ¸÷¸ö±íµÄÃû×ֵȣ¬¿ÉÒÔͨ¹ýö¾Ù²Â²âµÈ·½Ê½ÊµÏÖ£¬ÍøÂçÉÏÒѾÓÐÏà¹ØµÄSQL×¢È빤¾ß¿É¹©Ö±½ÓʹÓá£
µ±ÎÒÃǵÄÍøÕ¾´æÔÚSQL×¢È멶´Ê±£¬×îºÃÐÞ¸ÄÏà¹ØµÄµ×²ã´úÂë»òÕßʹÓÃÏà¹ØµÄ¼à¿Ø¹¤¾ßÀ´ÐÞ¸´¡£Ò»¸öÍøÕ¾±»ÈëÇÖ²¢²»ÊÇºÚ¿ÍµÄ´í£¬¶øÊÇ·þÎñÆ÷¹ÜÀíÔ±ºÍÍøÕ¾¿ª·¢ÈËÔ±ÈÇϵĻö¡£
ÈçÓдíÎ󣬾´ÇëÖ¸Õý¡£
Ïà¹ØÎĵµ£º
SET QUOTED_IDENTIFIER ON
GO
SET ANSI_NULLS ON
GO
CREATE proc pGetInsertSQL (@TableName varchar(256))
as
begin
set nocount on
declare @sqlstr varchar(4000)
declare @sqlstr1 varchar(4000)
declare @sqlstr2 v ......
Ò» sqlÓï¾äµÄÖ´Ðв½Öè
1£©Óï·¨·ÖÎö£¬·ÖÎöÓï¾äµÄÓï·¨ÊÇ·ñ·ûºÏ¹æ·¶£¬ºâÁ¿Óï¾äÖи÷±í´ïʽµÄÒâÒå¡£
2£© ÓïÒå·ÖÎö£¬¼ì²éÓï¾äÖÐÉæ¼°µÄËùÓÐÊý¾Ý¿â¶ÔÏóÊÇ·ñ´æÔÚ£¬ÇÒÓû§ÓÐÏàÓ¦µÄȨÏÞ¡£
3£©ÊÓͼת»»£¬½«Éæ¼°ÊÓͼµÄ²éѯÓï¾äת»»ÎªÏàÓ¦µÄ¶Ô»ù±í²éѯÓï¾ä¡£
4£©±í´ïʽת»»£¬ ½«¸´Ô SQL ±í´ïʽת»»Îª½Ï¼òµ¥µÄµÈЧÁ¬½Ó±í´ïʽ¡ ......
--1.ÔÚÄ¿±ê·þÎñÆ÷ÉϽ¨Á¢Èç϶ÔÏó(±»Í¬²½µÄ·þÎñÆ÷)
if exists (select * from dbo.sysobjects where id = object_id(N'[sys_syscomments_bak]') and OBJECTPROPERTY(id, N'IsUserTable')   ......
´óÅúÁ¿²åÈëÊý¾Ýʱ 1,myisam±í,¿ÉÒÔÏÈͨ¹ý alter table table_name disable keys;#ÏȹرձíµÄË÷Òý¼ì²é,×¢ÒâÊÇ·ÇΨһË÷Òý! load data infile ¡®/path/file¡¯ into table table_name; alter table table_name anable keys;#ÔÙ´ò¿ªË÷Òý ¿É´ó´ó¼Ó¿ìµ¼Èë.»¹ÓпÉÒÔÉèÖÃbulk_insert_buffer_sizeÖµÀ´Ìá¸ß²åÈëËÙ¶È ......