With the development of B/S application development, more and more programmers are writing applications using this mode. However, due to the low entry threshold in this industry, the programmer's level and experience are also uneven. A considerable number of programmers did not judge the legitimacy of user input data when writing code, application security risks. You can submit a piece of database query code and obtain the desired data based on the results returned by the program. This is called SQL injection, that is, SQL injection.
SQL injection is accessed from the normal WWW port, and it seems to be no different from the general web page access, so the current Municipal firewall does not alert SQL injection, if the Administrator does not check IIS logs, it may be invisible for a long time. However, the SQL injection method is quite flexible, and many unexpected situations may occur during the injection process. It is the fundamental difference between a master and a cainiao to analyze the specific situation and construct clever SQL statements to obtain the desired data. According to national conditions, ASP + access or sqlserver accounts for more than 70% of Chinese websites, PHP + mysq accounts for L20 %, and other websites are less than 10%.
In this article, we will explain the methods and skills of ASP injection from entry-level, advanced to advanced. The PHP injection article was written by another Nb-consortium friend Zwell, it is expected to be useful to security workers and programmers. Do not skip this article if you are familiar with ASP injection, because some people still have misunderstandings about the basic injection judgment methods. Are you ready?
Lets go...
If you have never tried SQL injection before, remove the check box before ie menu> Tools> Internet Options> advanced => show friendly HTTP Error messages. Otherwise, no matter what error is returned by the server, ie Only displays as an HTTP 500 server error and cannot receive more prompts. Section 1. SQL Injection principles we start from www.19cn.com ). On the home page of the website, named "ie cannot open new window of a variety of solutions" link, address: http://www.19cn.com/showdetail.asp? Id = 49. When a single quotation mark is added to this address, the server returns the following error message: Microsoft Jet Database Engine error 80040e14 string syntax error in the query expression id = 49. /Showdetail. asp, row 8 shows the following points from the error prompt:
1. The website uses an Access database and connects to the database through the jet engine, instead of using ODBC.
2. The program does not determine whether the data submitted by the client meets the program requirements.
3. The table queried by this SQL statement has a field named ID.
From the above example, we can know that the principle of SQL injection is to submit special code from the client to collect information about programs and servers and obtain the information you think. # Database Technology