????Web?????????????????????濼???
1. SQL Injection
????(1)??ν???SQL???????
?????????????????????????URL??????? ??????棬?????棬???????????.
?????1:?? ??δ????????URL?д??????????????????HTML??????е?"FORM"????????????в???????.??<FORM> ??</FORM>?????м????????????????п????????.
<form id="form_search" action="/search/" method="get">
<div>
<input type="text" name="q" id="search_q" value="" />
<input name="search" type="image" src="/media/images/site/search_btn.gif" />
<a href="/search/" class="fl">Gamefinder</a>
</div>
</form>
????? 2:????????????????????????????????????Щ?????Щ???????????URL????HTTP://DOMAIN/INDEX.ASP?ID=10
?????? ?Σ???URL?????????м????Щ?????SQL????SQL??????????????URL??????HTTP://DOMAIN /INDEX.ASP?USERNAME='HI' OR 1=1
?????1??????????????SQL????????????????????:
' or 1=1- -
" or 1=1- -
or 1=1- -
' or 'a'='a
" or "a"="a
') or ('a'='a
?????2???????OR?? ???'???D?D?????????????
???????????????????????????????????????????????????sql=select * from user where username='username' and pwd='password'
?????? ????http://duck/index.asp?username=admin' or 1='1&pwd=11??SQL?????????£?sql=select * from user where username='admin' or 1='1' and password='11'
????' ??admin????'???????????????????username='admin'????????????佫???????????????????.
?????? ??????OR?????????OR?????????? ????????ж??????????????????????????????????????AND????????ж??????? ?????????????????????????????????????.
?????? ????http://duck/index.asp?username=admin'--&pwd=11??SQL?? ?????????sql=select * from user where name='admin' --' and pasword='11'??
????'??admin????'?????????? ?????????username='admin'????????????佫???????????????????
????????????"--"?????????“--”???????????? ?????????????????????????(?:??ACCESS??????? Ч).
??????????????????????????????????????????????????? ????????;??? ?????????SQL?? ????.
??????????????????SQL????Σ????????о????????????????3???????????????????????????????? ???????????????????????.
????(2)??????SQL????
????????ó?????????????????????????????:
????????????????????(SQL????????????“exec”??”xp_”??”sp_”??”declare”??”Union”??”cmd”??”+”??”//”??”..”??”;”??”‘”??”--”??”%”??”0x”??”><=!-*/()|”????”???”).