"SQL injection" talking about post injection in SQL injection
Source of this article: i春秋 (ichunqiu) Academy
00x01
In many discussion groups I see a lot of people who are confused by POST injection. I used to be the same: we overcomplicate it, and so it feels difficult. Now let's talk about how easy POST injection really is!
PS: The text also covers writing an os-shell.
00x02
http://xxx.xxxxx.com/
For me, POST injection comes down to two approaches:
The first is to capture the request with Burp and use sqlmap -r to test for injection.
The second is simpler: use sqlmap's --forms parameter.
00x03
Testing with the first method
As we all know, Burp needs a JRE to run, and you need to set the proxy to 127.0.0.1:8080 before you can capture packets.
Once setup is complete, we start capturing the test site's POST request.
Here the POST request has been captured successfully.
Note!
Confirm that Intercept is on (otherwise the request cannot be captured).
This is the POST request I captured:
    POST /login.aspx HTTP/1.1
    Host: xxx.xxxxx.com
    User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:43.0) Gecko/20100101 Firefox/43.0
    Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
    Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3
    Accept-Encoding: gzip, deflate
    Referer: http://xxx.xxxxx.com/
    Cookie: ASP.NET_SessionId=2rslbt55ykuuntjvqwawax45
    Connection: close
    Content-Type: application/x-www-form-urlencoded
    Content-Length: 106

    __viewstate=%2fwepdwujltmzmjawmjk3zgqrxhy3kgsploxjlg8mggcuwqgyaa%3d%3d&userid=test&userpass=test&x=58&y=10
From this we can see that I submitted
userid=test
userpass=test
The form is the main injection point.
Next, we save the request to a txt file and put it in the sqlmap directory.
Open sqlmap and start the injection test.
Command:
    sqlmap.py -r post.txt
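What this kind of test probes on the server side is whether the form's userid and userpass values reach the SQL statement as text or as bound parameters. The following is an added example, not code from the original article or from the tested site; Python's sqlite3 stands in for the site's database, and the users table, its rows and the function names are assumptions made for illustration.

```python
import sqlite3
from urllib.parse import parse_qs

def make_db():
    # Constructed stand-in for the site's database; the users table is an
    # assumption. Passwords are in clear only to keep the sample short.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (userid TEXT PRIMARY KEY, userpass TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("test", "test"), ("o'brien", "secret")])
    return db

def parse_form(body):
    # Decode an application/x-www-form-urlencoded body such as the captured one.
    fields = parse_qs(body, keep_blank_values=True)
    return fields.get("userid", [""])[0], fields.get("userpass", [""])[0]

def login_concatenated(db, body):
    # Weak form: the field values become part of the SQL text, so a quote
    # character in the input alters the statement itself.
    userid, userpass = parse_form(body)
    sql = ("SELECT COUNT(*) FROM users WHERE userid = '" + userid +
           "' AND userpass = '" + userpass + "'")
    try:
        return "ok" if db.execute(sql).fetchone()[0] == 1 else "denied"
    except sqlite3.Error:
        # Input that can trigger a database error marks the query as injectable.
        return "sql-error"

def login_parameterized(db, body):
    # Hardened form: values are bound as parameters and never parsed as SQL.
    userid, userpass = parse_form(body)
    sql = "SELECT COUNT(*) FROM users WHERE userid = ? AND userpass = ?"
    return "ok" if db.execute(sql, (userid, userpass)).fetchone()[0] == 1 else "denied"

if __name__ == "__main__":
    db = make_db()
    # Constructed bodies: the article's form fields, then a legitimate user
    # whose name contains an apostrophe (%27).
    for body in ("userid=test&userpass=test&x=58&y=10",
                 "userid=o%27brien&userpass=secret&x=58&y=10"):
        print(body, login_concatenated(db, body), login_parameterized(db, body))
```

A legitimate value containing an apostrophe is enough to break the concatenated query, which is why database errors on login POSTs are worth alerting on; the parameterized version handles the same input normally.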
For the full text, see the source of this article: http://bbs.ichunqiu.com/thread-7762-1-1.html?from=bky