Recently my site has been getting hacked frequently. Articles I never wrote appeared on it, along with sets of images, and I was wondering who could be logging into my backstage to post articles and pictures. Then a QQ message popped up from a stranger, saying my site had vulnerabilities and that he had already gotten into it. Fortunately he gave me the details of how he hacked the site and reminded me to fix it, otherwise it would be hacked again. From what he told me, he used the "Ah D injection Tool": first it checks whether the site has an injection point, and if it does, it injects and can crack the backstage password.
That night I downloaded the "Ah D injection Tool" to study it and understand how its injection works. I made some changes to the web pages, but the tool still found an injection point. Being a novice, I had to search online, where I found the method below. After making these modifications, the "Ah D injection Tool" no longer detected an injection point.
The following is a fix:
The tool detects that a site has a SQL injection point, so how do you fix it?
1. Create a new ASP file, paste in the following code, and save it as checksql.asp.
<%
Dim Fy_Url, Fy_a, Fy_x, Fy_Cs(), Fy_Cl, Fy_Zx
'---- settings: start ----
Fy_Cl = 3  ' handling mode: 1 = show a message, 2 = redirect, 3 = show a message, then redirect
Fy_Zx = "index.asp"  ' page to redirect to on error: enter your own page address here
'---- settings: end ----
On Error Resume Next
' collect the name of every parameter in the query string
Fy_Url = Request.ServerVariables("QUERY_STRING")
Fy_a = Split(Fy_Url, "&")
ReDim Fy_Cs(UBound(Fy_a))
For Fy_x = 0 To UBound(Fy_a)
    Fy_Cs(Fy_x) = Left(Fy_a(Fy_x), InStr(Fy_a(Fy_x), "=") - 1)
Next
' reject the request if any parameter value contains a blacklisted keyword
' (Request() returns the URL-decoded value, so the keywords are matched in decoded form)
For Fy_x = 0 To UBound(Fy_Cs)
    If Fy_Cs(Fy_x) <> "" Then
        If InStr(LCase(Request(Fy_Cs(Fy_x))), "'") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "and") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "select") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "update") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "chr") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "delete from") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), ";") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "insert") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "mid") <> 0 Or _
           InStr(LCase(Request(Fy_Cs(Fy_x))), "master.") <> 0 Then
            ' Fy_Cl is numeric, so the Case labels must be numeric too
            ' the parameter name is HTML-encoded before it is echoed back,
            ' otherwise the error page itself becomes a reflected-XSS sink
            Select Case Fy_Cl
                Case 1
                    Response.Write "<script>alert('Parameter error: the value of " & Server.HTMLEncode(Fy_Cs(Fy_x)) & " contains an illegal string.');</script>"
                Case 2
                    Response.Write "<script>location.href='" & Fy_Zx & "';</script>"
                Case 3
                    Response.Write "<script>alert('Parameter error: the value of " & Server.HTMLEncode(Fy_Cs(Fy_x)) & " contains an illegal string.');location.href='" & Fy_Zx & "';</script>"
            End Select
            Response.End
        End If
    End If
Next
%>
2. Place checksql.asp in the site directory. Then open the file in which the injection point was found and locate the line that includes the database-connection file, something like <!--#include file="***.***"--> (here "***.***" stands for your own connection file). Immediately after it, add one more line: <!--#include file="checksql.asp"-->. Adjust the path in that include to wherever you placed checksql.asp.
3. Scan the site with the tool again. If it no longer finds a SQL injection point, the immediate problem is resolved.
Two caveats. First, checksql.asp only inspects parameters that appear in the query string, so values that arrive solely in a POST form or a cookie are never checked. Second, it is a substring blacklist: a legitimate value such as the name "Anderson" is rejected because it contains "and", while the scanner going quiet only means its probes were blocked, not that the page underneath has stopped pasting user input into SQL text. The durable fix is to build queries with bound parameters (in classic ASP, ADODB.Command with CreateParameter), or at the very least to validate numeric parameters as numbers and escape single quotes in strings, so that data can never change the structure of the query.
Knowledge supplement: SQL injection means inserting SQL commands into a web form submission, a domain name, or the query string of a page request so that the server is tricked into executing malicious SQL. For example, many of the earlier leaks of video-site VIP membership passwords happened through query strings submitted from web forms; such forms are especially vulnerable to SQL injection attacks.
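The following is an added example, not code from the original post. It models in Python with sqlite3 the two points above: the backstage login query built by string concatenation (the pattern an injection tool probes for) beside the same lookup with a bound parameter, plus a port of the keyword test in checksql.asp so its false positives can be seen next to a real bypass. The admin table, user names and passwords are constructed for the demo.

```python
"""
Constructed demo: concatenated vs. parameterised login query, and a Python
port of the checksql.asp keyword blacklist. None of this is from the post.
"""
import sqlite3

# Constructed sample data: a tiny admin table like a site backstage would have.
_SAMPLE_USERS = [
    ("admin", "s3cret"),
    ("anderson", "hunter2"),  # legitimate name that contains the substring "and"
]


def build_db() -> sqlite3.Connection:
    """Create an in-memory database holding the constructed admin table."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE admin (username TEXT, password TEXT)")
    conn.executemany("INSERT INTO admin VALUES (?, ?)", _SAMPLE_USERS)
    conn.commit()
    return conn


def login_concat(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Vulnerable: user input is pasted straight into the SQL text, so a
    quote in the input ends the literal and the rest becomes SQL."""
    sql = ("SELECT COUNT(*) FROM admin WHERE username='" + username +
           "' AND password='" + password + "'")
    return conn.execute(sql).fetchone()[0] > 0


def login_param(conn: sqlite3.Connection, username: str, password: str) -> bool:
    """Fixed: the SQL text is constant; values travel as bound parameters
    and can never change the structure of the query."""
    sql = "SELECT COUNT(*) FROM admin WHERE username=? AND password=?"
    return conn.execute(sql, (username, password)).fetchone()[0] > 0


# The keyword list from checksql.asp, matched case-insensitively on the
# decoded value (the ASP script lower-cases the value before InStr).
_BLACKLIST = ("'", "and", "select", "update", "chr", "delete from",
              ";", "insert", "mid", "master.")


def checksql_blocks(value: str) -> bool:
    """Port of the checksql.asp test: True if the value would be rejected."""
    low = value.lower()
    return any(word in low for word in _BLACKLIST)


if __name__ == "__main__":
    db = build_db()
    payload = "' OR '1'='1"
    print("concat, injected password:", login_concat(db, "admin", payload))
    print("param,  injected password:", login_param(db, "admin", payload))
    print("blacklist blocks payload:  ", checksql_blocks(payload))
    print("blacklist blocks 'anderson':", checksql_blocks("anderson"))
```

With the concatenated query the password `' OR '1'='1` logs in as admin without knowing the secret; the parameterised version treats the same string as a literal password and fails. The blacklist does stop that payload, because it contains a quote, but it also rejects the honest user "anderson", and it never sees a POST body at all, which is why the bound-parameter form is the fix worth keeping.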