搜索
中国白客联盟»论坛 Techniques SQL注入(SQL Injection) Sqlmap的sqlmapapi.py简单使用
返回列表 发新帖
查看: 970|回复: 0

Sqlmap的sqlmapapi.py简单使用

[复制链接]
admin

1839

主题

2255

帖子

1万

积分

管理员

Rank: 9Rank: 9Rank: 9

积分
11913
发表于 2015-8-18 20:35:48 | 显示全部楼层 |阅读模式

一.启动服务器


  1. $ python sqlmapapi.py -s -H 0.0.0.0
  2. [19:42:00] [INFO] Running REST-JSON API server at '0.0.0.0:8775'..
  3. [19:42:00] [INFO] Admin ID: cfdd0c84a8ebbccf40a97fe6eaaeac9d
  4. [19:42:00] [DEBUG] IPC database: /tmp/sqlmapipc-QUdQ7m
  5. [19:42:00] [DEBUG] REST-JSON API server connected to IPC database
复制代码

服务器后端使用的是bottle,一个Python Web微框架。

二. 我们使用requests这个库发送请求

        1.新建任务

               

        2.发送扫描选项,开启扫描

         

        注意:那个cd92e4e99406715b就是新建任务返回的taskid

      3.查看扫描状态

        

        任务已经结束,可以获取扫描结果了

      4.查看扫描结果

        \

  1. $ curl http://127.0.0.1:8775/task/new
  2. {
  3.   "taskid": "4be40bb5e98a03c2",
  4.   "success": true
  5. }
  6. $ curl -H "Content-Type: application/json" -X POST -d '{"url": "http://testphp.vulnweb.com/artists.php?artist=1"}' http://127.0.0.1:8775/scan/4be40bb5e98a03c2/start
  7. {
  8.   "engineid": 3068,
  9.   "success": true
  10. }
  11. $ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/data
  12. {
  13.   "data": [],
  14.   "success": true,
  15.   "error": []
  16. }
  17. $ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/log
  18. {
  19.   "log": [
  20.     {
  21.       "message": "testing connection to the target URL",
  22.       "level": "INFO",
  23.       "time": "19:44:23"
  24.     },
  25.     {
  26.       "message": "testing if the target URL is stable. This can take a couple of seconds",
  27.       "level": "INFO",
  28.       "time": "19:44:24"
  29.     },
  30.     {
  31.       "message": "target URL is stable",
  32.       "level": "INFO",
  33.       "time": "19:44:25"
  34.     },
  35.     {
  36.       "message": "testing if GET parameter 'artist' is dynamic",
  37.       "level": "INFO",
  38.       "time": "19:44:25"
  39.     },
  40.     {
  41.       "message": "confirming that GET parameter 'artist' is dynamic",
  42.       "level": "INFO",
  43.       "time": "19:44:25"
  44.     },
  45.     {
  46.       "message": "GET parameter 'artist' is dynamic",
  47.       "level": "INFO",
  48.       "time": "19:44:26"
  49.     },
  50.     {
  51.       "message": "heuristic (basic) test shows that GET parameter 'artist' might be injectable (possible DBMS: 'MySQL')",
  52.       "level": "INFO",
  53.       "time": "19:44:26"
  54.     },
  55.     {
  56.       "message": "testing for SQL injection on GET parameter 'artist'",
  57.       "level": "INFO",
  58.       "time": "19:44:26"
  59.     },
  60.     {
  61.       "message": "testing 'AND boolean-based blind - WHERE or HAVING clause'",
  62.       "level": "INFO",
  63.       "time": "19:44:26"
  64.     },
  65.     {
  66.       "message": "GET parameter 'artist' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable ",
  67.       "level": "INFO",
  68.       "time": "19:44:27"
  69.     },
  70.     {
  71.       "message": "testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'",
  72.       "level": "INFO",
  73.       "time": "19:44:27"
  74.     },
  75.     {
  76.       "message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (EXTRACTVALUE)'",
  77.       "level": "INFO",
  78.       "time": "19:44:27"
  79.     },
  80.     {
  81.       "message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (UPDATEXML)'",
  82.       "level": "INFO",
  83.       "time": "19:44:28"
  84.     },
  85.     {
  86.       "message": "testing 'MySQL >= 4.1 AND error-based - WHERE or HAVING clause'",
  87.       "level": "INFO",
  88.       "time": "19:44:28"
  89.     },
  90.     {
  91.       "message": "testing 'MySQL >= 5.0 OR error-based - WHERE or HAVING clause'",
  92.       "level": "INFO",
  93.       "time": "19:44:28"
  94.     },
  95.     {
  96.       "message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (EXTRACTVALUE)'",
  97.       "level": "INFO",
  98.       "time": "19:44:29"
  99.     },
  100.     {
  101.       "message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (UPDATEXML)'",
  102.       "level": "INFO",
  103.       "time": "19:44:29"
  104.     },
  105.     {
  106.       "message": "testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause'",
  107.       "level": "INFO",
  108.       "time": "19:44:29"
  109.     },
  110.     {
  111.       "message": "testing 'MySQL OR error-based - WHERE or HAVING clause'",
  112.       "level": "INFO",
  113.       "time": "19:44:29"
  114.     },
  115.     {
  116.       "message": "testing 'MySQL >= 5.0 error-based - Parameter replace'",
  117.       "level": "INFO",
  118.       "time": "19:44:30"
  119.     },
  120.     {
  121.       "message": "testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'",
  122.       "level": "INFO",
  123.       "time": "19:44:30"
  124.     },
  125.     {
  126.       "message": "testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'",
  127.       "level": "INFO",
  128.       "time": "19:44:30"
  129.     },
  130.     {
  131.       "message": "testing 'MySQL inline queries'",
  132.       "level": "INFO",
  133.       "time": "19:44:30"
  134.     },
  135.     {
  136.       "message": "testing 'MySQL > 5.0.11 stacked queries'",
  137.       "level": "INFO",
  138.       "time": "19:44:31"
  139.     },
  140.     {
  141.       "message": "testing 'MySQL < 5.0.12 stacked queries (heavy query)'",
  142.       "level": "INFO",
  143.       "time": "19:44:31"
  144.     },
  145.     {
  146.       "message": "testing 'MySQL > 5.0.11 AND time-based blind'",
  147.       "level": "INFO",
  148.       "time": "19:44:31"
  149.     },
  150.     {
  151.       "message": "GET parameter 'artist' seems to be 'MySQL > 5.0.11 AND time-based blind' injectable ",
  152.       "level": "INFO",
  153.       "time": "19:44:42"
  154.     },
  155.     {
  156.       "message": "testing 'MySQL UNION query (NULL) - 1 to 20 columns'",
  157.       "level": "INFO",
  158.       "time": "19:44:42"
  159.     },
  160.     {
  161.       "message": "automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found",
  162.       "level": "INFO",
  163.       "time": "19:44:42"
  164.     },
  165.     {
  166.       "message": "ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test",
  167.       "level": "INFO",
  168.       "time": "19:44:42"
  169.     },
  170.     {
  171.       "message": "target URL appears to have 3 columns in query",
  172.       "level": "INFO",
  173.       "time": "19:44:43"
  174.     },
  175.     {
  176.       "message": "GET parameter 'artist' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable",
  177.       "level": "INFO",
  178.       "time": "19:44:44"
  179.     },
  180.     {
  181.       "message": "the back-end DBMS is MySQL",
  182.       "level": "INFO",
  183.       "time": "19:44:45"
  184.     }
  185.   ],
  186.   "success": true
  187. }
复制代码


本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?Join BUC

x
过段时间可能会取消签到功能了
回复

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | Join BUC

本版积分规则

Powered by Discuz!

© 2012-2015 Baiker Union of China.

快速回复 返回顶部 返回列表