So I have just started with sqlmap to learn about SQL injection vulnerabilities on my own application. I followed the steps from some tutorials.
This is the procedure I followed:
- sqlmap.py -u "http://www.myurl.org/dis/data.php?id=3" --dbs
Console output:
[11:19:45] [INFO] testing connection to the target URL
[11:19:46] [INFO] testing if the target URL is stable. This can take a couple of seconds
[11:19:47] [INFO] target URL is stable
[11:19:47] [INFO] testing if GET parameter 'id' is dynamic
[11:19:48] [INFO] confirming that GET parameter 'id' is dynamic
[11:19:48] [WARNING] GET parameter 'id' does not appear dynamic
[11:19:49] [WARNING] heuristic (basic) test shows that GET parameter 'id' might not be injectable
[11:19:49] [INFO] testing for SQL injection on GET parameter 'id'
[11:19:49] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[11:19:56] [INFO] testing 'MySQL >= 5.0 AND error-based - WHERE or HAVING clause'
[11:19:59] [INFO] testing 'PostgreSQL AND error-based - WHERE or HAVING clause'
[11:20:01] [INFO] testing 'Microsoft SQL Server/Sybase AND error-based - WHERE or HAVING clause'
[11:20:04] [INFO] testing 'Oracle AND error-based - WHERE or HAVING clause (XMLType)'
[11:20:06] [INFO] testing 'MySQL inline queries'
[11:20:07] [INFO] testing 'PostgreSQL inline queries'
[11:20:07] [INFO] testing 'Microsoft SQL Server/Sybase inline queries'
[11:20:07] [INFO] testing 'Oracle inline queries'
[11:20:08] [INFO] testing 'SQLite inline queries'
[11:20:08] [INFO] testing 'MySQL > 5.0.11 stacked queries'
[11:20:11] [INFO] testing 'PostgreSQL > 8.1 stacked queries'
[11:20:13] [INFO] testing 'Microsoft SQL Server/Sybase stacked queries'
[11:20:58] [WARNING] using unescaped version of the test because of zero knowledge of the back-end DBMS. You can try to explicitly set it using option '--dbms'
[11:21:27] [WARNING] GET parameter 'id' is not injectable
[11:21:27] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp')
[11:21:27] [WARNING] HTTP error codes detected during run:
500 (Internal Server Error) - 5 times
I need to know:
- Why is it not able to get the database?
- What does "--string" (or "--regexp") mean?