Shulou(Shulou.com)06/01 Report--

Today, I will talk to you about the injection tool sqlmap how to set request parameters, many people may not quite understand, in order to make you better understand, the editor summarized the following, I hope you can get something according to this article.

I. grab the bag

Second, set the submission parameters

Sqlmap-u "http://192.168.1.121/sqli/Less-11/index.php">

Third, multiple parameters, specify the delimiter

Sqlmap-u "http://192.168.1.121/sqli/Less-11/index.php">

Fourth, with cookie injection

Sqlmap-u "http://192.168.1.121/sqli/Less-1/?id=1"-- cookie" uin=fasdffes; skey=fwefdsd; ptisp=cfasdfas "--banner

5. Set user-agent

-- random-agent random UA

-- user-agent= "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36"

UA that comes with sqlmap

6. Set up host

Add * or-- level 5

7. Set up referer

Add * or-- level 5

8. Extra http header

-- headers, with each header separated by a newline character, or set directly in the sqlmap.conf file

Sqlmap-u "http://192.168.1.121/sqli/less-1/?id=1">

9. Set the parameters of HTTP protocol authentication:-- auth-type and-- auth-cred

-- auth-type:Basic/Digest/NTLM

-- auth-cred authentication syntax: username:password

A dialog box pops up and lets you enter your account number and password

10. Set up http proxy

-- proxy http (s): ip [: Port]-- proxy "http://1.2.3.4:9000"

-- proxy-cred username:password

-- proxy-file sets multiple proxies

-- ignore-proxy setting ignores system proxy

11. Set tor to hide the network

1. Install tor

Apt install tor

2. Start the service

Service tor start

3. Check the status

Service tor status

Sqlmap-u "http://192.168.1.121/sqli/less-1/?id=1">

12. Set delay

-- delay 0.5 delay 0.5 second

XIII. Setting timeout

-- timeout 55 seconds timeout

14. Set randomized parameters

Sqlmap-u "http://192.168.1.121/sqli/less 1/?id=1"-randomize id-banner

Id will become any value.

15. Set up retry

-- retries 5 retry 5 times

XVI. Log filtering targets

In burpsuite, save the log, there will be a lot of packets, but we will only detect one

Sqlmap-l log.txt-- scope= "192.168.1.121"

-- skip-urlencode does not perform url encryption

XVII. Setting ignore 401

The ignore-401 parameter is used to ignore unvalidated errors

After reading the above, do you have any further understanding of how the injection tool sqlmap sets request parameters? If you want to know more knowledge or related content, please follow the industry information channel, thank you for your support.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.