SQL×¢Èë¼òµ¥Ô­Àí·ÖÎö

 SQL×¢Èë¼òµ¥·ÖÎö
ʾÀýÓï¾ä£º
select * from admintable where adminName like '%a%'
ÔÚ²éѯÖÐÎÒÃÇÒ»°ãÔÚaÕâ¸öµØ·½ÓɽçÃæ´«È벻ͬµÄÖµ£¬µ±ÎÒÃÇÔÚaÕâÀï´«ÈëµÄֵΪ“'”µ¥ÒýºÅʱ£¬Æ´´Õ³ÉµÄSQLÓï¾ä¾ÍÈçÏ£º
select * from admintable where adminName like '%'%'
Ö´ÐÐÕâ¾äÓï¾äÎÒÃǻᷢÏÖ³öÏÖÒÔÏÂÒì³££º
ÏûÏ¢ 105£¬¼¶±ð 15£¬×´Ì¬ 1£¬µÚ 1 ÐÐ
×Ö·û´® '
' ºóµÄÒýºÅ²»ÍêÕû¡£
ÏûÏ¢ 102£¬¼¶±ð 15£¬×´Ì¬ 1£¬µÚ 1 ÐÐ
'
' ¸½½üÓÐÓï·¨´íÎó¡£
ÒòΪµ¥ÒýºÅµÄ¼ÓÈëÊÇÔ­±¾ÍêÕûµÄSQLÓï¾äÆ´´Õ²»ÔÙÍêÕû£¬Òò´Ëµ¼ÖÂÒÔÉÏÒì³£¡£
¶øÒ»°ãºÚ¿ÍÔÚ¼òµ¥µÄ³¢ÊÔ×¢Èëʱ£¬ÔÚ½çÃæµÄÊäÈë´¦£¨ÈçURLµÄ²ÎÊý£¬Îı¾¿òµÄÊäÈëµÈ£©Ö±½ÓÊäÈëµ¥ÒýºÅÀ´²âÊÔÊÇ·ñ»áÒý·¢SQLÒì³££¬¸ù¾ÝÒ³ÃæµÄ´íÎó´úÂëÕ¹ÏÖÀ´ÅжÏÊÇ·ñ´æÔÚSQL×¢È멶´£¬ÀýÈç»áÖ±½ÓÔÚÒ³ÃæÖгöÏÖSQLµÄÒì³£´úÂë»òÖ±½ÓÌøתµ½´íÎóÒ³Ãæ¡£µ±±»ÈÏΪ´æÔÚSQL×¢È멶´Ê±£¬ÄÇô½«²»ÔÙÊÇÊäÈëµ¥ÒýºÅÁË£¬¶øÊÇÊäÈëÏà¹ØµÄSQLÖ´ÐÐÓï¾ä¡£
ÓÚÊǵ±ÎÒÃÇ´«È벻ͬµÄÖµÀýÈç
  ' or 1=1 ;delete admintable where 1=1 or ''=' 
µÃµ½µÄSQLÓï¾ä¾ÍÈçÏ£º
select * from admintable where adminName like '%' or 1=1 ;delete admintable where 1=1 or ''='%'
¶øÕâ¾äSQLµÄÖ´ÐÐЧ¹û¾ÍÓÐÁ½¸ö£º
1¡¢select * from admintable where adminName like '%' or 1=1 ;
     --²éѯadmintable
2¡¢delete admintable where 1=1 or ''='%'
     --½«admintableÇå¿Õ
Ò²¾ÍÊÇ˵Èç¹û°Ñdelete admintable where 1=1 Õâ¾äSQLÀ©Õ¹Ð޸ĵĻ°£¬¿ÉÒÔÖ´ÐÐÔöɾ¸ÄµÈ²Ù×÷ÁË£¬ÀýÈçSQL2000ÖеÄXP_CMDShellÃüÁÄÜÖ±½ÓÖ´ÐÐCMDÃüÁį̂µÄCMDÃüÁÀ´ÊµÏÖÖ±½Ó¶Ô·þÎñÆ÷µÄ¿ØÖƵȡ£
ÖÁÓÚÈçºÎ±©Â¶³öÊý¾Ý¿âµÄ¸÷¸ö±íµÄÃû×ֵȣ¬¿ÉÒÔͨ¹ýö¾Ù²Â²âµÈ·½Ê½ÊµÏÖ£¬ÍøÂçÉÏÒѾ­ÓÐÏà¹ØµÄSQL×¢È빤¾ß¿É¹©Ö±½ÓʹÓá£
µ±ÎÒÃǵÄÍøÕ¾´æÔÚSQL×¢È멶´Ê±£¬×îºÃÐÞ¸ÄÏà¹ØµÄµ×²ã´úÂë»òÕßʹÓÃÏà¹ØµÄ¼à¿Ø¹¤¾ßÀ´ÐÞ¸´¡£Ò»¸öÍøÕ¾±»ÈëÇÖ²¢²»ÊÇºÚ¿ÍµÄ´í£¬¶øÊÇ·þÎñÆ÷¹ÜÀíÔ±ºÍÍøÕ¾¿ª·¢ÈËÔ±ÈÇϵĻö¡£
ÈçÓдíÎ󣬾´ÇëÖ¸Õý¡£