Support #3620
closed
Vulnerability Test
0%
Description
Neuste Version von sqlmap aus github klonen:
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
Use:
python sqlmap.py -u "http://qfq.math.uzh.ch/crose/qfq-jqw/index.php?id=6&search=test#" -f --banner --dbms=mysql --risk=3 --level=5 --batch -p=search --os=linux
Zusaetzlich kann man noch --forms anfuegen, falls die Seite ein Form hat das er versuchen soll zu testen.
Vorsicht: Risk=3 heisst auch, das es ein Risiko gibt das die Tests, falls erfolgreich, die Datenbank beschaedigen.
Updated by Benjamin Baer about 7 years ago
xss penetration test tool:
http://tools.kali.org/web-applications/xsser
Updated by Carsten Rose about 7 years ago
- Status changed from New to In Progress
- Assignee set to Carsten Rose
sqlmap (lokal installiert) und xsser (VM Kali) gegen die DEV Instanz laufen gelassen - keine Probleme gefunden.
Updated by Benjamin Baer almost 7 years ago
Bei Langeweile:
Ein Artikel wie man komplexere Angriffe mit sqlmap testen kann.
http://www.thegreycorner.com/2017/01/exploiting-difficult-sql-injection.html
Simples update fuer unseren Test string:
Other options
Some other options I commonly use are the parameter option which specifies which parameter is used to perform the injection (e.g. -p 'vulnerable_parameter') and the options to specify the database (e.g. --dbms='mysql') and the Operating System (--os='linux') in use on the remote server. These all help sqlmap to avoid making extraneous requests beyond what you already know will be effective based on your knowledge of the target web application. Sometimes of course the injection point is not within a parameter, in which case sqlmap has other options which can be used to target its operation, such as the asterisk character (*) which can be used to set manual injection point within a request.
Updated by Carsten Rose almost 7 years ago
- Status changed from In Progress to Closed