Sqlmap use of SQL injection

Source: Internet
Author: User
Tags sql injection administrator password kali linux

We all know that the most important step for network infiltration is to get the background database administrator password and user name, then how to get this user name and password? Need to use today's said Sqlmap, it not only applies to the intranet environment, the external network environment is also very popular, and in Kali Linux inside is particularly important, it is almost "barren", then I will briefly introduce the use of the next sqlmap.

First we get a station and test to see if there is any injection:

Here you can see that the station is injected with Boolean-based blinds, time-based blinds, and joint injection queries:

And it bursts out the OS type and the type of database:

Then see what database it has:

You can see that there are six databases:

Then continue querying the table fields of the security database:

You can see that there are four tables:

Next we step through the fields in the Users table:

You can see that three fields have been burst:

Finally, the username and password fields are exploded:

View results:

Login to the background to view the user name and password:

14 user names and passwords were burst;

Similarly, a field explosion is performed on the user's mailbox:

The above is to burst the mailbox.

Next want to server upload a word trojan file 1.php:

Maybe I wrote the remote path is wrong, so that did not upload to the server, then to my local look:

The following direct claim:

Indicate the remote path:

Or that, that's my dad. The remote path of the target server is not acquired, otherwise it can get the shell, get the shell and then create users by themselves and join the Administrators group, or directly use their own to discuss the Trojan horse to control the server.

Sqlmap use of SQL injection

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.