SQL injection: Cookie injection

What is a Cookie

A Cookie is a string that represents your identity; the site uses the Cookie to work out who you are. If you obtain the administrator's Cookie, you can log in directly to the administrator account without a password.

Cookie injection principle

Dynamic scripting languages have superglobal variables that can read parameters passed in a variety of ways (basically all of them).
Developers often want to accept parameters however they are sent, so they read them through a variable that accepts several passing methods at once.
For example:
In PHP, $_REQUEST[] can read parameters passed by POST, GET or COOKIE.
Note: in PHP 5.4 or later, $_REQUEST no longer accepts parameters passed by Cookie.

What if the developer used $_REQUEST[] to accept parameters, and the parameters we pass by POST and GET are intercepted by the WAF?
The WAF may not inspect Cookies, so we try passing the parameter in a Cookie instead, which can bypass the detection mechanism.
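
The $_REQUEST behaviour described above and the corresponding fix, as an added example that is not part of the original post. build_request is a hypothetical helper that models how the php.ini request_order setting fills $_REQUEST; the news table and the request values are constructed for the demo.

```php
<?php
// Added example; table, columns and request values are constructed for the demo.
// Assumes the pdo_sqlite extension is available.

// Models how PHP fills $_REQUEST: sources are merged in the order given by
// request_order (G=GET, P=POST, C=COOKIE); later sources overwrite earlier ones.
function build_request(string $order, array $get, array $post, array $cookie): array {
    $sources = ['G' => $get, 'P' => $post, 'C' => $cookie];
    $merged = [];
    foreach (str_split($order) as $key) {
        $merged = array_merge($merged, $sources[$key] ?? []);
    }
    return $merged;
}

// "Before": source-agnostic input concatenated into the SQL text.
function fetch_vulnerable(PDO $pdo, array $request): array {
    $sql = "SELECT title FROM news WHERE id = " . $request['id'];
    return $pdo->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// "After": read only the intended source, require an integer, bind it.
function fetch_hardened(PDO $pdo, array $get): array {
    $id = filter_var($get['id'] ?? null, FILTER_VALIDATE_INT);
    if ($id === false) {
        return [];
    }
    $stmt = $pdo->prepare("SELECT title FROM news WHERE id = :id");
    $stmt->execute([':id' => $id]);
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)");
$pdo->exec("INSERT INTO news VALUES (1, 'public'), (2, 'draft')");

// Constructed request: clean GET parameter, same name in the cookie with SQL appended.
$get    = ['id' => '1'];
$cookie = ['id' => '1 OR 1=1'];

// request_order = "GPC": the cookie value replaces the GET value in $_REQUEST.
print_r(fetch_vulnerable($pdo, build_request('GPC', $get, [], $cookie)));
// request_order = "GP": cookies never enter $_REQUEST, but concatenation remains unsafe.
print_r(fetch_vulnerable($pdo, build_request('GP', $get, [], $cookie)));
// Hardened path: $_GET only, integer validation, prepared statement.
print_r(fetch_hardened($pdo, $get));
print_r(fetch_hardened($pdo, $cookie));
```

A WAF or input filter that inspects GET and POST parameters should apply the same rules to the URL-decoded Cookie header, since the application may read all three through one variable.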

Cookie injection method

1. Capture the request packet and add a Cookie field to the request header
Parameter values passed in a Cookie must be URL-encoded, so remember to URL-encode the value before passing it.
Online URL encoder: http://tool.chinaz.com/Tools/urlencode.aspx

2. Set the Cookie in the browser
On the page, press F12 to bring up the developer tools, select Console, and enter a JS statement in the browser console to set the Cookie:
The Cookie is set through document.cookie.
The Cookie name is id; escape is an encoding function that URL-encodes the value.

3. The sqlmap tool
Example (网址 stands for the target URL):
kali: sqlmap -u "网址" --cookie "id=CookieID" --level 2
windows: sqlmap.py -u "网址" --cookie "id=CookieID" --level 2

Origin www.cnblogs.com/yanlzy/p/11890150.html