v_user_id = Request("user_id")
v_pwd = Request("pwd")
' The query text is assembled by concatenating the raw request values (this is the deliberately vulnerable pattern)
strsql = "select * from user where user_id ='" & v_user_id & "' AND pwd='" & v_pwd & "'"
Set rs = adoConn.Execute(strsql)
If rs.EOF Then
    ' Failure: no row matched
Else
    ' Success: at least one row matched
End If
In the code above, if the user table contains at least one row and the pwd value ' or 1=1 or ''=' is submitted, the login always takes the Success branch. The SQL statement that actually gets executed is the following.
select * from user where user_id ='1111' AND pwd='' or 1=1 or ''=''
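To make the effect concrete, here is an added example (not from the original post) that rebuilds the same login query two ways in Python over a constructed in-memory SQLite table standing in for the ASP page's ADO connection and user table: once by string concatenation exactly as the ASP code does, and once with bound parameters, which is the fix. The table contents and the function names are assumptions.

```python
import sqlite3

INJECTED_PWD = "' or 1=1 or ''='"  # the pwd value discussed in the post


def make_db():
    """Constructed sample data: one user row, so the table is non-empty."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE user (user_id TEXT, pwd TEXT)")
    conn.execute("INSERT INTO user VALUES ('1111', 'secret')")
    conn.commit()
    return conn


def login_concat(conn, v_user_id, v_pwd):
    """Mirrors the ASP code: request values are pasted into the SQL text.

    Returns (success, executed_sql) so the resulting statement can be inspected.
    """
    strsql = ("select * from user where user_id ='" + v_user_id
              + "' AND pwd='" + v_pwd + "'")
    rows = conn.execute(strsql).fetchall()
    return len(rows) > 0, strsql


def login_param(conn, v_user_id, v_pwd):
    """Hardened form: values travel as bound parameters, never as SQL text.

    The quote characters in v_pwd are compared literally against the column,
    so 'AND pwd=?' cannot be turned into an OR chain.
    """
    strsql = "select * from user where user_id = ? AND pwd = ?"
    rows = conn.execute(strsql, (v_user_id, v_pwd)).fetchall()
    return len(rows) > 0


if __name__ == "__main__":
    db = make_db()
    ok, sql = login_concat(db, "1111", INJECTED_PWD)
    print("concatenated:", ok, "->", sql)        # True, the statement from the post
    print("parameterized:", login_param(db, "1111", INJECTED_PWD))  # False
    print("parameterized, real password:", login_param(db, "1111", "secret"))  # True
```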
The following are SQL injection tools.
URLScan—This security tool actively restricts the kind of HTTP requests that Microsoft IIS will process. URLScan isn’t a substitute for properly programming a web application, but it can prevent some potentially harmful requests from reaching the web application and SQL Server. It works on IIS 5.1 and later, including IIS 7.0 for Windows Server 2008. For more information about URLScan, see http://learn.iis.net/page.aspx/473/using-urlscan.
Microsoft Source Code Analyzer for SQL Injection—This command-line tool analyzes your static ASP source code written in VBScript (not ASP.NET) and reveals possible vulnerabilities to SQL injection attacks. The tool then generates a report detailing the vulnerabilities it detected and possible remedies. Microsoft Source Code Analyzer for SQL Injection is available at http://www.microsoft.com/downloads/details.aspx?FamilyId=58A7C46E-A599-4FCB-9AB4-A4334146B6BA&displaylang=en.
Posted by 좐군