Safety originates from correct
Improper writing SQL statement causes the system insecurity
Ding Guoyong
In a general multi-user application, users who have the correct username and password can enter the system. We usually need to write a user login window to control the user using the system. Here is Visual Basic ADO as an example: First, the vulnerability generates the table for logging in the table Users (Name, PWD) to establish a form frmlogin, there are two Text box text1, text2 and two command buttons cmdok, cmdexit. Two text boxes are used to allow users to enter usernames and passwords, and two command buttons are used for "login" and "exit". 1, defines Ado Connection objects and ADO RecordSet objects: Option Explicit Dim Adocon As ADODB.Connection Dim Adors As ADODB.Recordset 2, database connection in the Form_Load: Set Adocon = New ADODB.Connection Adocon.CursorLocation = adUseClient adocon.Open " Provider = Microsoft.jet.Oledb.4.0.1; data source = "&& _ app.path &&" /test.mdb; "CMDOK code DIM SQLSTR AS STRING SQLSTR =" Select * from users where name = '"&&& TEXT1.TEXT && _ "'and pwd ='" && text2.text "'" SET ADORS = New AdoDb.Recordset set adors = adocon.execute (sqlstr) if adors.recordcount> 0 THEN / / or IF NOT ADORS. EOF THEN .... MSGBOX "pass" // By verifying Else ... msgbox "fail" // does not run the program through verification END IF, it seems that there is nothing wrong with this, but when entering any string in TEXT1 (Such as 123), enter a 'or' a '=' a in Text2, let's see the values at this time: select * from users where name = '123' and pwd = 'a' or 'A' = 'a' performs such a SQL statement, because the 'a' = 'a' is the true value, as long as it is recorded in the UserS table, its return EOF value must be false, which easily bypass the system. Verification for users and passwords. Such problems will appear in all systems that use Select * from users where name = '"&& name &&"' and pwd = '"&& password &&"', whether you are using the programming language. Second, the characteristics of the vulnerability are in the network, and the above problems are particularly obvious. The author finds the system that can enter the need for username and password verification in many websites.
