SQL注入细节 [英] SQL injection Details

问题描述

我更新鲜，我希望在sql注入中测试应用程序。我对sql server 2000,2005和& s有很好的了解。 2008.任何人都可以一步一步地告诉我，

sql注入将如何工作？

我们想怎么编写代码或查询或脚本？

sql注入查询要在应用程序执行时写入（特定文本框）还是想在sql server中编写查询以进行检查？



请分享您的知识 ASAP ，





问候，

Santhya











< br $> b $ b



你可以告诉我，在sql注入工作时。查询想要进入我的sql server或应用程序窗口？例如，如果我想测试特定应用程序的登录页面，那时我是否要在sql server窗口或应用程序文本框中使用该查询？如果我想破解密码并希望通过使用sql注入进入应用程序，那将是什么步骤和代码???

请有人帮助我



问候，

解决方案

请使用此处的信息： SQL注入攻击以及如何防止它们的一些提示 [

title =新窗口> ^ ]

这里： http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/ [ ^ ]

nad here： http://technet.microsoft.com/de-de/library/ms161953(SQL.90）.aspx [ ^ ]



问候，

SQL注入是一种攻击，攻击者生成恶意代码并发送到SQL查询以访问数据库或系统。



欲了解更多信息，请访问..



http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html

Hi,

I''m fresher to field, i want to work in sql injection for testing an application. i having a well knowledge about the sql server 2000, 2005, & 2008. can anybody able to tell me, step by step ,
how the sql injection will work?
how we want to write the code or query or script?
Either the sql injection query want to write while application execting (particular textbox) or want to write a query in sql server for our checking purpose?

Kindly share your knowledge ASAP,


Regards,
Santhya








Can you able to tell me that, while working in sql injection. The query wants to enter in the my sql server or application window? For example, if i want to make testing of login page for a particular application, at that time whether i want to use the query in the sql server window or application textbox? if i want to break the password and want to enter into the application by using sql injection, what will be the steps and code???
Kindly anybody help me

Regards,

解决方案

Please use the information found here: SQL Injection Attacks and Some Tips on How to Prevent Them[
title="New Window">^]
here: http://ferruh.mavituna.com/sql-injection-cheatsheet-oku/[^]
nad here: http://technet.microsoft.com/de-de/library/ms161953(SQL.90).aspx[^]

Regards,

SQL Injection is a one kind of attack where the attacker generates malicious code and send into SQL query to access database or system.

For more please visit..

http://cybarlab.blogspot.com/2013/02/what-is-sql-injection.html

这篇关于SQL注入细节的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！