The essence of SQL injection attack _mssql

Source: Internet
Author: User
Tags sql injection sql injection attack
An article also said there would be a "third wave" of attack in the injection attack, it will be even more difficult to detect, even Microsoft's bosses have come out to clarify that Microsoft's technology and coding is irrelevant, Microsoft has launched a special three detection software, then this SQL injection attack vulnerability is how it caused?

As Microsoft's boss said, because the Web site program developers of improper coding, not only ASP, asp.net, but also include JSP, PHP and other technologies, are not affected by Access and SQL Server database, Other relational databases, including Oracle and MySQL, have nothing to do with Microsoft. In fact, not only based on B/s architecture of the system or Web site exists such a problem, based on the C/S architecture of the system also exists such a problem, but because of the characteristics of C/s architecture is not likely to be like B/s system such a far-reaching impact. So why is this problem caused by the improper coding of the developer, and we will analyze it in detail below.

First, let's take a look at the following four SQL query statements
Statement 1:select * FROM news where newstype=1
Statement 2:select * FROM news where Newstype=1;drop table news
Statement 3:select * FROM news where newstype= ' social news '
Statement 4:select * FROM news where newstype= ' social news ';d ROP table news--'
We all know that the function of statement 1 is to query all records in the news table where the value of the Newstype field is equal to 1, where the type of the Newstype field is a numeric type, such as int, smaillint, TinyInt, float, and so on; Statement 2 is actually two statements, The function of the first article is the same as that of statement 1, and the second is to delete the news table in the database. Statement 3 and Statement 4 function and statement 1, Statement 2 is basically the same, the difference is that statements 3, 4 of the Newstype field is character type, such as: char, varchar, nvarchar, text and so on

Whether in ASP or asp.net or jsp or PHP, we generally use the "select * from news where newstype=" +v_newstype method to construct statement 1, or "SELECT * from News where Newstype= ' "+v_newstype+" "to construct statement 3, where V_newstype is a variable, if the V_newstype value is equal to 1, constructed is the statement 1, if the value of V_newstype equals" social news ", It was constructed with statement 3, but unfortunately if we ignore the v_newstype, it could be constructed in statement 2 or statement 4, such as "1;drop Table News" or "social news";d ROP Table news--", if our negligence is used by others, it will cause a great loss to us, SQL injection attack is the use of our negligence, so that the source of SQL injection attacks from the developer's improper coding and the platform you use, There is no direct relationship between development tools, system architectures, and so on.

Since the SQL injection attack is caused by improper coding of the coder, what kind of encoding is the appropriate encoding to be not subjected to SQL injection attacks, the next one we will continue to introduce.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.