来自“Bobby Tables"的 SQL 注入是如何进行的?XKCD漫画作品? [英] How does the SQL injection from the "Bobby Tables" XKCD comic work?
问题描述
只是看着:
这个 SQL 有什么作用:
What does this SQL do:
Robert'); DROP TABLE STUDENTS; --
我知道 ' 和 -- 都用于注释,但是 DROP 这个词不会被注释掉,因为它是一部分同一行?
I know both ' and -- are for comments, but doesn't the word DROP get commented as well since it is part of the same line?
推荐答案
它删除了学生表.
学校程序中的原始代码可能看起来像
The original code in the school's program probably looks something like
q = "INSERT INTO Students VALUES ('" + FNMName.Text + "', '" + LName.Text + "')";
这是将文本输入添加到查询中的幼稚方式,并且非常糟糕,正如您将看到的.
This is the naive way to add text input into a query, and is very bad, as you will see.
在名字的值之后,中间名文本框FNMName.Text(即Robert');下降表学生;--) 和姓氏文本框 LName.Text(我们称之为 Derper)与查询的其余部分连接,结果现在实际上是 两个查询由语句终止符(分号)分隔.第二个查询已注入到第一个.当代码对数据库执行这个查询时,它看起来像这样
After the values from the first name, middle name textbox FNMName.Text (which is Robert'); DROP TABLE STUDENTS; --) and the last name textbox LName.Text (let's call it Derper) are concatenated with the rest of the query, the result is now actually two queries separated by the statement terminator (semicolon). The second query has been injected into the first. When the code executes this query against the database, it will look like this
INSERT INTO Students VALUES ('Robert'); DROP TABLE Students; --', 'Derper')
用简单的英语,粗略地翻译成两个查询:
which, in plain English, roughly translates to the two queries:
在 Students 表中添加一条 Name 值为 'Robert' 的新记录
Add a new record to the Students table with a Name value of 'Robert'
和
删除学生表
第二个查询之后的所有内容都标记为评论:<代码>--', 'Derper')
Everything past the second query is marked as a comment: --', 'Derper')
学生姓名中的 ' 不是注释,而是结束 字符串分隔符.由于学生的姓名是一个字符串,因此在语法上需要它来完成假设查询.注入攻击仅在注入的 SQL 查询结果为有效 SQL时有效.
The ' in the student's name is not a comment, it's the closing string delimiter. Since the student's name is a string, it's needed syntactically to complete the hypothetical query. Injection attacks only work when the SQL query they inject results in valid SQL.
这篇关于来自“Bobby Tables"的 SQL 注入是如何进行的?XKCD漫画作品?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
