Ò׽ؽØͼÈí¼þ¡¢µ¥Îļþ¡¢Ãâ°²×°¡¢´¿ÂÌÉ«¡¢½ö160KB

Java·ÀÖ¹SQL×¢Èë

 SQL×¢ÈëÊÇ×î³£¼ûµÄ¹¥»÷·½Ê½Ö®Ò»,Ëü²»ÊÇÀûÓòÙ×÷ϵͳ»òÆäËüϵͳµÄ©¶´À´ÊµÏÖ¹¥»÷µÄ,¶øÊdzÌÐòÔ±ÒòΪûÓÐ×öºÃÅжÏ,±»²»·¨
Óû§×êÁËSQLµÄ¿Õ×Ó,ÏÂÃæÎÒÃÇÏÈÀ´¿´ÏÂʲôÊÇSQL×¢Èë:
          ±ÈÈçÔÚÒ»¸öµÇ½½çÃæ,ÒªÇóÓû§ÊäÈëÓû§ÃûºÍÃÜÂë:
          Óû§Ãû:       ' or 1=1 --  
          ÃÜ       Âë:  
          µãµÇ½,ÈçÈôûÓÐ×öÌØÊâ´¦Àí,¶øÖ»ÊÇÒ»Ìõ´øÌõ¼þµÄ²éѯÓï¾äÈç:
          String sql="select * from users where username='"+userName+"' and password='"+password+"' "
          ÄÇôÕâ¸ö·Ç·¨Óû§¾ÍºÜµÃÒâµÄµÇ½½øÈ¥ÁË.(µ±È»ÏÖÔÚµÄÓÐЩÓïÑÔµÄÊý¾Ý¿âAPIÒѾ­´¦ÀíÁËÕâЩÎÊÌâ)
          ÕâÊÇΪʲôÄØ?ÎÒÃÇÀ´¿´¿´ÕâÌõÓï¾ä,½«Óû§ÊäÈëµÄÊý¾ÝÌæ»»ºóµÃµ½ÕâÑùÒ»ÌõÓï¾ä:
          select * from users where username='' or 1=1 --' and password=''
          ΪÁ˸üÃ÷°×Щ£¬¿ÉÒÔ½«Æ临ÖƵ½SQL·ÖÎöÆ÷ÖУ¬½«»á·¢ÏÖ£¬ÕâÌõÓï¾ä»á½«Êý¾Ý¿âµÄÊý¾ÝÈ«²¿¶Á³öÀ´£¬ÎªÊ²Ã´ÄØ£¿
          ºÜ¼òµ¥,¿´µ½Ìõ¼þºóÃæ username='' or 1=1 Óû§ÃûµÈÓÚ '' »ò 1=1 ÄÇôÕâ¸öÌõ¼þÒ»¶¨»á³É¹¦£¬È»ºóºóÃæ¼ÓÁ½¸ö-£¬ÕâÒâζ×Å
ʲô£¿Ã»´í£¬×¢ÊÍ£¬Ëü½«ºóÃæµÄÓï¾ä×¢ÊÍ£¬ÈÃËûÃDz»Æð×÷Óã¬ÕâÑù¾Í¿ÉÒÔ˳ÀûµÄ°ÑÊý¾Ý¿âÖеÄÊý¾Ý¶ÁÈ¡³öÀ´ÁË¡£
          Õ⻹ÊDZȽÏÎÂÈáµÄ£¬Èç¹ûÊÇÖ´ÐÐ
          select * from users where username='' ;DROP Database      (DB Name) --' and password=''
          .......ÆäËûµÄÄú¿ÉÒÔ×Ô¼ºÏëÏ󡣡£¡£
          ÄÇôÎÒÃÇÔõôÀ´´¦ÀíÕâÖÖ


Ïà¹ØÎĵµ£º

´«ÖDz¥¿ÍJAVAÅàѵ2010 4 26SVN/CVS×ܽá

      ½ñÌìÎÒÔÚ×ö·É»ú¡£ÎªÊ²Ã´ËµÎÒÔÚ×ö·É»úÄØ£¡ÒòΪÕâÊÇÎÒ½ø´«ÖDz¥¿ÍÒÔÀ´£¬¸öÈ˸оõ·Ç³£ÖØÒªµÄÒ»ÌÿΣ¬µ«ÊÇÎÒ²»ÄÜÒ»ÏÂ×Ó¼ÇסËùËùÓеĶ«Î÷£¬×òÌìÍíÉÏ£¬¿´ÊÓƵ¿´µ½ÍíÉÏÈýµã£¬½ñÌìÉϿκÜÏ뼯ÖÐ×¢ÒâÁ¦£¬µ«ÊÇ×îÖÕ»¹ÊÇÈ̲»×¡´òÁËî§Ë¯£¬µ«½ñÌìµÄµÄ¿Î¸øÎҵĸоõÊǷdz£¾ßÓÐÁ¬¹áÐÔ£¬Ç°ÃæµÄ¿ÎÈç¹ûÌýµÃ²»ÊǺÜÇ ......

ÈçºÎµ¼Èëµ¼³öMySQLÊý¾Ý¿â *.sqlÎļþ²Ù×÷

 
1. ¸ÅÊö
MySQLÊý¾Ý¿âµÄµ¼È룬ÓÐÁ½ÖÖ·½·¨£º
1) Ïȵ¼³öÊý¾Ý¿âSQL½Å±¾£¬ÔÙµ¼È룻
2) Ö±½Ó¿½±´Êý¾Ý¿âĿ¼ºÍÎļþ¡£
ÔÚ²»Í¬²Ù×÷ϵͳ»òMySQL°æ±¾Çé¿öÏ£¬Ö±½Ó¿½±´ÎļþµÄ·½·¨¿ÉÄÜ»áÓв»¼æÈݵÄÇé¿ö·¢Éú¡£
ËùÒÔÒ»°ãÍƼöÓÃSQL½Å±¾ÐÎʽµ¼Èë¡£ÏÂÃæ·Ö±ð½éÉÜÁ½ÖÖ·½·¨¡£
Linux주
2. ·½·¨Ò» SQL½Å±¾ÐÎʽ
²Ù×÷²½ÖèÈçÏ£º
2 ......

SQL SEVERÓëORACLE µÄsqlÓï¾äÇø±ð

Êýѧº¯Êý£º
1.¾ø¶ÔÖµ
S:SELECT abs(-1) value
O:SELECT abs(-1) value from dual
2.È¡Õû(´ó)
S:SELECT ceiling(-1.001) value
O:SELECT ceil(-1.001) value from dual
3.È¡Õû£¨Ð¡£©
S:SELECT floor(-1.001) value
O:SELECT floor(-1.001) value from dual
4.È¡Õû£¨½ØÈ¡£©
S:SELECT cast(-1.002 as int) value
O ......

Sql Server 2005Êý¾Ý¿â±»±ê¼ÇΪ¡°¿ÉÒÉ¡±ÎÊÌâ


ÎÊÌâ±³¾°£º
¡¡¡¡ÈÕ³£¶ÔSql Server 2005¹ØϵÊý¾Ý¿â½øÐвÙ×÷ʱ£¬ÓÐʱ¶ÔÊý¾Ý¿â£¨È磺SharepointÍøÕ¾ÅäÖÃÊý¾Ý¿âÃû
Sharepoint_Config£©½øÐÐЩ²»Õý³£²Ù×÷ÈçÊý¾Ý¿âÔÚ¶Áдʱ¶øÎÞ¹ÊÍ£Ö¹Êý¾Ý¿â£¬´Ó¶øµ¼ÖÂSql Server 2005Êý¾Ý¿â²»Õý³£
Öжϣ¬µ±Ôٴδò¿ªÊý¾Ý¿âʱ»á·¢ÏÖijЩÊý¾Ý¿â»á±»±ê¼ÇΪ“¿ÉÒÉ”£¨suspect)£¬¼´ÔÚÊý¾ ......

SQL SERVER 2005 Ô¶³Ì·ÃÎÊ

(ÊÊÓà SQL Server 2005 ÆäËû°æ±¾)
ÊÕ²Ø



SQL Server 2005 Express ÊÇ΢ÈíÌṩµÄÊý¾Ý¿âµÄµÍ¶Ë½â¾ö·½°¸,
¿ÉÃâ·ÑÈÎÒâËæ²úÆ··Ö·¢, ¿ÉÒÔÔÚXPµÈ·Çרҵ·þÎñÆ÷ϵͳÏ°²×°, »¹¿ÉÒÔÔ¶³Ì·ÃÎÊ, ¶ÔÓÚСÐÍÊý¾ÝÓ¦ÓóÌÐòÒÑ×ã¹»Âú×ãÊý¾ÝʹÓÃÒªÇó.
ĬÈÏ°²×°ÏÂ,SQL Server ......
© 2009 ej38.com All Rights Reserved. ¹ØÓÚE½¡ÍøÁªÏµÎÒÃÇ | Õ¾µãµØͼ | ¸ÓICP±¸09004571ºÅ