首页 > 网络文摘 > 正文
look:
@riramar
There is currently none :). I‘ll just give you a quick intro.
At server side:
$ python sqlmapapi.py -s -H 0.0.0.0 [19:42:00] [INFO] Running REST-JSON API server at ‘0.0.0.0:8775‘.. [19:42:00] [INFO] Admin ID: cfdd0c84a8ebbccf40a97fe6eaaeac9d [19:42:00] [DEBUG] IPC database: /tmp/sqlmapipc-QUdQ7m [19:42:00] [DEBUG] REST-JSON API server connected to IPC database
At client side:
$ curl http://127.0.0.1:8775/task/new { "taskid": "4be40bb5e98a03c2", "success": true } $ curl -H "Content-Type: application/json" -X POST -d ‘{"url": "http://testphp.vulnweb.com/artists.php?artist=1"}‘ http://127.0.0.1:8775/scan/4be40bb5e98a03c2/start { "engineid": 3068, "success": true } $ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/data { "data": [], "success": true, "error": [] } $ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/log { "log": [ { "message": "testing connection to the target URL", "level": "INFO", "time": "19:44:23" }, { "message": "testing if the target URL is stable. This can take a couple of seconds", "level": "INFO", "time": "19:44:24" }, { "message": "target URL is stable", "level": "INFO", "time": "19:44:25" }, { "message": "testing if GET parameter ‘artist‘ is dynamic", "level": "INFO", "time": "19:44:25" }, { "message": "confirming that GET parameter ‘artist‘ is dynamic", "level": "INFO", "time": "19:44:25" }, { "message": "GET parameter ‘artist‘ is dynamic", "level": "INFO", "time": "19:44:26" }, { "message": "heuristic (basic) test shows that GET parameter ‘artist‘ might be injectable (possible DBMS: ‘MySQL‘)", "level": "INFO", "time": "19:44:26" }, { "message": "testing for SQL injection on GET parameter ‘artist‘", "level": "INFO", "time": "19:44:26" }, { "message": "testing ‘AND boolean-based blind - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:26" }, { "message": "GET parameter ‘artist‘ seems to be ‘AND boolean-based blind - WHERE or HAVING clause‘ injectable ", "level": "INFO", "time": "19:44:27" }, { "message": "testing ‘MySQL >= 5.0 AND error-based - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:27" }, { "message": "testing ‘MySQL >= 5.1 AND error-based - WHERE or HAVING clause (EXTRACTVALUE)‘", "level": "INFO", "time": "19:44:27" }, { "message": "testing ‘MySQL >= 5.1 AND error-based - WHERE or HAVING clause (UPDATEXML)‘", "level": "INFO", "time": "19:44:28" }, { "message": "testing ‘MySQL >= 4.1 AND error-based - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:28" }, { "message": "testing ‘MySQL >= 5.0 OR error-based - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:28" }, { "message": "testing ‘MySQL >= 5.1 OR error-based - WHERE or HAVING clause (EXTRACTVALUE)‘", "level": "INFO", "time": "19:44:29" }, { "message": "testing ‘MySQL >= 5.1 OR error-based - WHERE or HAVING clause (UPDATEXML)‘", "level": "INFO", "time": "19:44:29" }, { "message": "testing ‘MySQL >= 4.1 OR error-based - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:29" }, { "message": "testing ‘MySQL OR error-based - WHERE or HAVING clause‘", "level": "INFO", "time": "19:44:29" }, { "message": "testing ‘MySQL >= 5.0 error-based - Parameter replace‘", "level": "INFO", "time": "19:44:30" }, { "message": "testing ‘MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)‘", "level": "INFO", "time": "19:44:30" }, { "message": "testing ‘MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)‘", "level": "INFO", "time": "19:44:30" }, { "message": "testing ‘MySQL inline queries‘", "level": "INFO", "time": "19:44:30" }, { "message": "testing ‘MySQL > 5.0.11 stacked queries‘", "level": "INFO", "time": "19:44:31" }, { "message": "testing ‘MySQL < 5.0.12 stacked queries (heavy query)‘", "level": "INFO", "time": "19:44:31" }, { "message": "testing ‘MySQL > 5.0.11 AND time-based blind‘", "level": "INFO", "time": "19:44:31" }, { "message": "GET parameter ‘artist‘ seems to be ‘MySQL > 5.0.11 AND time-based blind‘ injectable ", "level": "INFO", "time": "19:44:42" }, { "message": "testing ‘MySQL UNION query (NULL) - 1 to 20 columns‘", "level": "INFO", "time": "19:44:42" }, { "message": "automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found", "level": "INFO", "time": "19:44:42" }, { "message": "ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test", "level": "INFO", "time": "19:44:42" }, { "message": "target URL appears to have 3 columns in query", "level": "INFO", "time": "19:44:43" }, { "message": "GET parameter ‘artist‘ is ‘MySQL UNION query (NULL) - 1 to 20 columns‘ injectable", "level": "INFO", "time": "19:44:44" }, { "message": "the back-end DBMS is MySQL", "level": "INFO", "time": "19:44:45" } ], "success": true }
郑重声明:本站内容如果来自互联网及其他传播媒体,其版权均属原媒体及文章作者所有。转载目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。
可爱穿搭很重要
工藤美樱写真集
斯米兰海水是真不错
海边想拍氛围照
海岛度假
甜妹 ootd 穿搭
在大的理日就子是在海洱边发发呆
7080后儿时集体回忆插画
西安子午峪满山的白杜鹃太美了
职业模特拍摄省事很多
悉尼海滩百人裸泳狂欢 一丝不挂惊爆眼球
香港团体再次发起反水货客游行 33人被捕
中国美女城市排行:哈尔滨第一 北京未入榜
11岁女孩因抄作业被父亲发现吊打身亡
乌克兰美女领导克里米亚辛菲罗波尔
叶梓萱最新比基尼泳装写真 玲珑曲线迷倒人
福建清光绪正五品官员古墓被盗 发现一具干尸
毛泽东和蒋介石的书法,你能区分不?
印度火车出轨已致34死150伤
巴西男子头颈颠倒 身残志坚
本拉登谋划911恐怖袭击前"老巢"曝光
深圳孕妇当街产子 路人组成人墙守护接生
小偷刺业主3刀 民警赶到时躺地上装死
特斯拉 MODEL S 图集
秦舒培高挑身材
传说中的汗血宝马
Cara Delevingne 选集
香港生活成本世界最高 底层人蜗居“棺材间”
冯小刚24岁女儿近照曝光 叼烟表情逗趣
马斯克:只要自动驾驶足够给力,特斯拉可以零利润卖车
乌克兰芭比娃美女
中戏艺考美女PK传媒艺考美女 都百里挑一
车模精选
广西桂平石龙镇的5月22日车祸事故
亚太比基尼精选
@riramar
There is currently none :). I‘ll just give you a quick intro.
At server side:
At client side: