Can someone explain this SQL injection attack to me?

甜味超标 2020-12-08 02:04

I wanted to post this here as it is very much coding related and was something I had to clean up this week on one of my company's old ASP (classic) sites.

We got hi

5 answers
  •  鱼传尺愫
    2020-12-08 02:40

    Just formatting it for readability will clarify a lot:

    set ansi_warnings off
    
    DECLARE @T VARCHAR(255), @C VARCHAR(255)
    
    DECLARE Table_Cursor CURSOR FOR
        select c.TABLE_NAME, c.COLUMN_NAME
          from INFORMATION_SCHEMA.columns c,
               INFORMATION_SCHEMA.tables t
         where c.DATA_TYPE in ('nvarchar','varchar','ntext','text')
           and c.CHARACTER_MAXIMUM_LENGTH > 30
           and t.table_name = c.table_name
           and t.table_type = 'BASE TABLE'
    
    OPEN Table_Cursor
    
    FETCH NEXT FROM Table_Cursor INTO @T, @C
    WHILE(@@FETCH_STATUS=0)
    BEGIN
        EXEC ( 'UPDATE [' + @T + ']
                   SET [' + @C + '] =
                         ''">'' +
                         '''' +
                         ''
         
     
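For the cleanup side, an added example (not part of the original thread or any answer in it): a read-only T-SQL audit that walks the same `INFORMATION_SCHEMA` column set as the cursor in the formatted payload and counts rows containing the appended string. `@Marker` is a placeholder because the injected value is cut off on this page; `Audit_Cursor` and `#Findings` are hypothetical names, and SQL Server 2005 or later is assumed.

```sql
-- Added example: read-only audit, performs no UPDATE.
SET NOCOUNT ON;

-- Placeholder (assumption): set to the exact string found appended in your data.
DECLARE @Marker NVARCHAR(200);
SET @Marker = N'<APPENDED-STRING-PLACEHOLDER>';

DECLARE @S SYSNAME, @T SYSNAME, @C SYSNAME, @Hits INT, @Sql NVARCHAR(MAX);

CREATE TABLE #Findings
    (SchemaName SYSNAME, TableName SYSNAME, ColumnName SYSNAME, HitCount INT);

-- Same filter as the payload's cursor, so the audit covers exactly the
-- columns that cursor would have written to.
DECLARE Audit_Cursor CURSOR LOCAL FAST_FORWARD FOR
    SELECT c.TABLE_SCHEMA, c.TABLE_NAME, c.COLUMN_NAME
      FROM INFORMATION_SCHEMA.COLUMNS AS c
      JOIN INFORMATION_SCHEMA.TABLES  AS t
        ON t.TABLE_SCHEMA = c.TABLE_SCHEMA
       AND t.TABLE_NAME   = c.TABLE_NAME
     WHERE c.DATA_TYPE IN ('nvarchar', 'varchar', 'ntext', 'text')
       AND c.CHARACTER_MAXIMUM_LENGTH > 30
       AND t.TABLE_TYPE = 'BASE TABLE';

OPEN Audit_Cursor;
FETCH NEXT FROM Audit_Cursor INTO @S, @T, @C;
WHILE @@FETCH_STATUS = 0
BEGIN
    -- Identifiers go through QUOTENAME; the marker is passed as a parameter,
    -- never concatenated into the statement.
    SET @Sql = N'SELECT @n = COUNT(*) FROM ' + QUOTENAME(@S) + N'.' + QUOTENAME(@T)
             + N' WHERE CHARINDEX(@m, CAST(' + QUOTENAME(@C) + N' AS NVARCHAR(MAX))) > 0';

    EXEC sp_executesql @Sql, N'@m NVARCHAR(200), @n INT OUTPUT',
                       @m = @Marker, @n = @Hits OUTPUT;

    IF @Hits > 0
        INSERT INTO #Findings VALUES (@S, @T, @C, @Hits);

    FETCH NEXT FROM Audit_Cursor INTO @S, @T, @C;
END
CLOSE Audit_Cursor;
DEALLOCATE Audit_Cursor;

-- One row per affected column, worst first.
SELECT SchemaName, TableName, ColumnName, HitCount
  FROM #Findings
 ORDER BY HitCount DESC;

DROP TABLE #Findings;
```

The query scans every qualifying column in full, so run it against a restored copy or during a quiet window on large databases.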