Simple usage of sqlmap's sqlmapapi.py
程序员文章站
2022-06-19 12:30:22
look:
stamparm commented on 24 Feb 2014
@riramar
There is currently none :). I'll just give you a quick intro.
At server side:
$ python sqlmapapi.py -s -H 0.0.0.0
[19:42:00] [INFO] Running REST-JSON API server at '0.0.0.0:8775'..
[19:42:00] [INFO] Admin ID: cfdd0c84a8ebbccf40a97fe6eaaeac9d
[19:42:00] [DEBUG] IPC database: /tmp/sqlmapipc-QUdQ7m
[19:42:00] [DEBUG] REST-JSON API server connected to IPC database
At client side:
$ curl http://127.0.0.1:8775/task/new
{
    "taskid": "4be40bb5e98a03c2",
    "success": true
}
$ curl -H "Content-Type: application/json" -X POST -d '{"url": "https://testphp.vulnweb.com/artists.php?artist=1"}' http://127.0.0.1:8775/scan/4be40bb5e98a03c2/start
{
    "engineid": 3068,
    "success": true
}
$ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/data
{
    "data": [],
    "success": true,
    "error": []
}
$ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/log
{
    "log": [
        { "message": "testing connection to the target URL", "level": "INFO", "time": "19:44:23" },
        { "message": "testing if the target URL is stable. This can take a couple of seconds", "level": "INFO", "time": "19:44:24" },
        { "message": "target URL is stable", "level": "INFO", "time": "19:44:25" },
        { "message": "testing if GET parameter 'artist' is dynamic", "level": "INFO", "time": "19:44:25" },
        { "message": "confirming that GET parameter 'artist' is dynamic", "level": "INFO", "time": "19:44:25" },
        { "message": "GET parameter 'artist' is dynamic", "level": "INFO", "time": "19:44:26" },
        { "message": "heuristic (basic) test shows that GET parameter 'artist' might be injectable (possible DBMS: 'MySQL')", "level": "INFO", "time": "19:44:26" },
        { "message": "testing for SQL injection on GET parameter 'artist'", "level": "INFO", "time": "19:44:26" },
        { "message": "testing 'AND boolean-based blind - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:26" },
        { "message": "GET parameter 'artist' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable ", "level": "INFO", "time": "19:44:27" },
        { "message": "testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:27" },
        { "message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (EXTRACTVALUE)'", "level": "INFO", "time": "19:44:27" },
        { "message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (UPDATEXML)'", "level": "INFO", "time": "19:44:28" },
        { "message": "testing 'MySQL >= 4.1 AND error-based - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:28" },
        { "message": "testing 'MySQL >= 5.0 OR error-based - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:28" },
        { "message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (EXTRACTVALUE)'", "level": "INFO", "time": "19:44:29" },
        { "message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (UPDATEXML)'", "level": "INFO", "time": "19:44:29" },
        { "message": "testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:29" },
        { "message": "testing 'MySQL OR error-based - WHERE or HAVING clause'", "level": "INFO", "time": "19:44:29" },
        { "message": "testing 'MySQL >= 5.0 error-based - Parameter replace'", "level": "INFO", "time": "19:44:30" },
        { "message": "testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'", "level": "INFO", "time": "19:44:30" },
        { "message": "testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'", "level": "INFO", "time": "19:44:30" },
        { "message": "testing 'MySQL inline queries'", "level": "INFO", "time": "19:44:30" },
        { "message": "testing 'MySQL > 5.0.11 stacked queries'", "level": "INFO", "time": "19:44:31" },
        { "message": "testing 'MySQL < 5.0.12 stacked queries (heavy query)'", "level": "INFO", "time": "19:44:31" },
        { "message": "testing 'MySQL > 5.0.11 AND time-based blind'", "level": "INFO", "time": "19:44:31" },
        { "message": "GET parameter 'artist' seems to be 'MySQL > 5.0.11 AND time-based blind' injectable ", "level": "INFO", "time": "19:44:42" },
        { "message": "testing 'MySQL UNION query (NULL) - 1 to 20 columns'", "level": "INFO", "time": "19:44:42" },
        { "message": "automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found", "level": "INFO", "time": "19:44:42" },
        { "message": "ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test", "level": "INFO", "time": "19:44:42" },
        { "message": "target URL appears to have 3 columns in query", "level": "INFO", "time": "19:44:43" },
        { "message": "GET parameter 'artist' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable", "level": "INFO", "time": "19:44:44" },
        { "message": "the back-end DBMS is MySQL", "level": "INFO", "time": "19:44:45" }
    ],
    "success": true
}
This may be a better way to call sqlmap; that's as far as I've looked into it for now.
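The `/scan/<taskid>/log` response quoted above is easier to triage once reduced to per-parameter findings. The following is an added example, not part of the original post or of sqlmap itself: `summarize` and `SAMPLE_LOG` are hypothetical names, the sample is constructed from messages in the log above, and the message wording is assumed to match that log.

```python
import json
import re

# Constructed sample: a trimmed /scan/<taskid>/log body reusing messages from the log above.
SAMPLE_LOG = json.dumps({"success": True, "log": [
    {"message": "GET parameter 'artist' is dynamic", "level": "INFO", "time": "19:44:26"},
    {"message": "heuristic (basic) test shows that GET parameter 'artist' might be injectable (possible DBMS: 'MySQL')", "level": "INFO", "time": "19:44:26"},
    {"message": "GET parameter 'artist' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable ", "level": "INFO", "time": "19:44:27"},
    {"message": "testing 'MySQL > 5.0.11 AND time-based blind'", "level": "INFO", "time": "19:44:31"},
    {"message": "GET parameter 'artist' seems to be 'MySQL > 5.0.11 AND time-based blind' injectable ", "level": "INFO", "time": "19:44:42"},
    {"message": "GET parameter 'artist' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable", "level": "INFO", "time": "19:44:44"},
    {"message": "the back-end DBMS is MySQL", "level": "INFO", "time": "19:44:45"},
]})

# Assumption: message wording matches the log quoted above; other sqlmap versions may differ.
FINDING = re.compile(r"^(\S+) parameter '([^']+)' (seems to be|is) '(.+)' injectable$")
DBMS = re.compile(r"^the back-end DBMS is (.+)$")


def summarize(raw):
    """Reduce a /scan/<taskid>/log JSON body to per-parameter findings (hypothetical helper)."""
    doc = json.loads(raw)
    if not doc.get("success"):
        raise ValueError("API response reports success=false")
    summary = {"dbms": None, "findings": {}}
    for entry in doc.get("log", []):
        msg = entry.get("message", "").strip()  # some messages carry a trailing space
        found = FINDING.match(msg)
        if found:
            place, param, verb, technique = found.groups()
            per_param = summary["findings"].setdefault((place, param), {})
            # "is" is treated here as a confirmed result, "seems to be" as tentative.
            status = "confirmed" if verb == "is" else "tentative"
            if per_param.get(technique) != "confirmed":
                per_param[technique] = status
            continue
        dbms = DBMS.match(msg)
        if dbms:
            summary["dbms"] = dbms.group(1)
    return summary


if __name__ == "__main__":
    result = summarize(SAMPLE_LOG)
    print("DBMS:", result["dbms"])
    for (place, param), techniques in result["findings"].items():
        for technique, status in techniques.items():
            print(f"{place} {param}: {technique} [{status}]")
```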