如何进行sql注入或攻击 [英] how to sql inject or attack

问题描述

如何进行sql注入或攻击?示例代码

sql注入如何在下面的代码中完成?

How does sql injection or attack done.? example code

How can sql injection done in the code below?

olesql = "insert into table (rr_colums) values ('" & sum & "')"
                Dim olecmd As New OleDb.OleDbCommand
                olecmd.CommandText = olesql
                olecmd.Connection = oleconn
                olecmd.ExecuteNonQuery()
                olecmd.Dispose()

推荐答案

检查这些链接

http://en.wikipedia.org/wiki/SQL_injection [ http://www.unixwiz.net/techtips/sql-injection.html [ ^ ]

http://www.programmerinterview.com/index.php/database-sql/sql -injection-example/ [ ^ ]

Check these links

http://en.wikipedia.org/wiki/SQL_injection[^]

http://www.unixwiz.net/techtips/sql-injection.html[^]

http://www.programmerinterview.com/index.php/database-sql/sql-injection-example/[^]

这取决于您的sum变量值的初始化位置.

通常，如果将诸如文本框"之类的用户输入控件中的值连接到普通SQL查询中，则会增加出现" SQL注入"威胁的可能性.

请查看以下链接以获取更多信息.
http://msdn.microsoft.com/en-us/library/ms161953.aspx

http://msdn.microsoft.com/en-us/library/ff648339.aspx

It depends from where value of your sum variable has been initialized.

Generally in case when values from user-input controls like "Textbox" are concatenated to plain SQL Queries then it increases the possibility of threat of "SQL Injection".

Have a look at below links for more information.
http://msdn.microsoft.com/en-us/library/ms161953.aspx

http://msdn.microsoft.com/en-us/library/ff648339.aspx

这篇关于如何进行sql注入或攻击的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！