Sql map的sql map api.py简单使用
look:
stamparm commented on 24 Feb 2014@riramar
There is currently none :). I'll just give you a quick intro.
At server side:
$ python sqlmapapi.py -s -H 0.0.0.0 [19:42:00] [INFO] Running REST-JSON API server at '0.0.0.0:8775'.. [19:42:00] [INFO] Admin ID: cfdd0c84a8ebbccf40a97fe6eaaeac9d [19:42:00] [DEBUG] IPC database: /tmp/sqlmapipc-QUdQ7m [19:42:00] [DEBUG] REST-JSON API server connected to IPC database
At client side:
$ curl http://127.0.0.1:8775/task/new
{
"taskid": "4be40bb5e98a03c2",
"success": true
}
$ curl -H "Content-Type: application/json" -X POST -d '{"url": "http://testphp.vulnweb.com/artists.php?artist=1"}' http://127.0.0.1:8775/scan/4be40bb5e98a03c2/start
{
"engineid": 3068,
"success": true
}
$ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/data
{
"data": [],
"success": true,
"error": []
}
$ curl http://127.0.0.1:8775/scan/4be40bb5e98a03c2/log
{
"log": [
{
"message": "testing connection to the target URL",
"level": "INFO",
"time": "19:44:23"
},
{
"message": "testing if the target URL is stable. This can take a couple of seconds",
"level": "INFO",
"time": "19:44:24"
},
{
"message": "target URL is stable",
"level": "INFO",
"time": "19:44:25"
},
{
"message": "testing if GET parameter 'artist' is dynamic",
"level": "INFO",
"time": "19:44:25"
},
{
"message": "confirming that GET parameter 'artist' is dynamic",
"level": "INFO",
"time": "19:44:25"
},
{
"message": "GET parameter 'artist' is dynamic",
"level": "INFO",
"time": "19:44:26"
},
{
"message": "heuristic (basic) test shows that GET parameter 'artist' might be injectable (possible DBMS: 'MySQL')",
"level": "INFO",
"time": "19:44:26"
},
{
"message": "testing for SQL injection on GET parameter 'artist'",
"level": "INFO",
"time": "19:44:26"
},
{
"message": "testing 'AND boolean-based blind - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:26"
},
{
"message": "GET parameter 'artist' seems to be 'AND boolean-based blind - WHERE or HAVING clause' injectable ",
"level": "INFO",
"time": "19:44:27"
},
{
"message": "testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:27"
},
{
"message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (EXTRACTVALUE)'",
"level": "INFO",
"time": "19:44:27"
},
{
"message": "testing 'MySQL >= 5.1 AND error-based - WHERE or HAVING clause (UPDATEXML)'",
"level": "INFO",
"time": "19:44:28"
},
{
"message": "testing 'MySQL >= 4.1 AND error-based - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:28"
},
{
"message": "testing 'MySQL >= 5.0 OR error-based - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:28"
},
{
"message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (EXTRACTVALUE)'",
"level": "INFO",
"time": "19:44:29"
},
{
"message": "testing 'MySQL >= 5.1 OR error-based - WHERE or HAVING clause (UPDATEXML)'",
"level": "INFO",
"time": "19:44:29"
},
{
"message": "testing 'MySQL >= 4.1 OR error-based - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:29"
},
{
"message": "testing 'MySQL OR error-based - WHERE or HAVING clause'",
"level": "INFO",
"time": "19:44:29"
},
{
"message": "testing 'MySQL >= 5.0 error-based - Parameter replace'",
"level": "INFO",
"time": "19:44:30"
},
{
"message": "testing 'MySQL >= 5.1 error-based - Parameter replace (EXTRACTVALUE)'",
"level": "INFO",
"time": "19:44:30"
},
{
"message": "testing 'MySQL >= 5.1 error-based - Parameter replace (UPDATEXML)'",
"level": "INFO",
"time": "19:44:30"
},
{
"message": "testing 'MySQL inline queries'",
"level": "INFO",
"time": "19:44:30"
},
{
"message": "testing 'MySQL > 5.0.11 stacked queries'",
"level": "INFO",
"time": "19:44:31"
},
{
"message": "testing 'MySQL < 5.0.12 stacked queries (heavy query)'",
"level": "INFO",
"time": "19:44:31"
},
{
"message": "testing 'MySQL > 5.0.11 AND time-based blind'",
"level": "INFO",
"time": "19:44:31"
},
{
"message": "GET parameter 'artist' seems to be 'MySQL > 5.0.11 AND time-based blind' injectable ",
"level": "INFO",
"time": "19:44:42"
},
{
"message": "testing 'MySQL UNION query (NULL) - 1 to 20 columns'",
"level": "INFO",
"time": "19:44:42"
},
{
"message": "automatically extending ranges for UNION query injection technique tests as there is at least one other (potential) technique found",
"level": "INFO",
"time": "19:44:42"
},
{
"message": "ORDER BY technique seems to be usable. This should reduce the time needed to find the right number of query columns. Automatically extending the range for current UNION query injection technique test",
"level": "INFO",
"time": "19:44:42"
},
{
"message": "target URL appears to have 3 columns in query",
"level": "INFO",
"time": "19:44:43"
},
{
"message": "GET parameter 'artist' is 'MySQL UNION query (NULL) - 1 to 20 columns' injectable",
"level": "INFO",
"time": "19:44:44"
},
{
"message": "the back-end DBMS is MySQL",
"level": "INFO",
"time": "19:44:45"
}
],
"success": true
}
可能是更好的调用sqlmap的方法吧, 先研究到这了。
相关文章
图文推荐
- 文章
- 推荐
- 热门新闻