SQLMAP 基础操作

SQLMAP 基础操作

sudo git clone https://github.com/sqlmapproject/sqlmap

GET 请求:

-u

POST 请求:

Option: --data

By default the HTTP method used to perform HTTP requests is GET, but you can implicitly change it to POST by providing the data to be sent in the POST requests. Such data, being those parameters, are tested for SQL injection as well as any provided GET parameters.

文件读取(配合 burpsuite 更佳):

One of the possibilities of sqlmap is loading of raw HTTP request from a textual file. That way you can skip usage of a number of other options (e.g. setting of cookies, POSTed data, etc).

更多请参考https://github.com/sqlmapproject/sqlmap/wiki/Usage

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/itxdm/p/7003587.html