|
|
http://zone.wooyun.org/content/19049
from:https://github.com/zt2/sqli-hunter
封装了一个http代理跟sqlmap的api配合检测SQLi。
需要:
Ruby > 2.0.0
sqlmap
安装:
sqlmap
git clone https://github.com/sqlmapproject/sqlmap.git
gem
cd sqli-hunter
gem install bundle
bundle install
使用:
sqli-hunter git:(master) ruby sqli-hunter.rb
_____ _____ __ _ _____ _
| __| | | |_|___| | |_ _ ___| |_ ___ ___
|__ | | | |__| |___| | | | | _| -_| _|
|_____|__ _|_____|_| |__|__|___|_|_|_| |___|_|
|__|
Usage: sqli-hunter.rb [options]
Common options:
-s, --server Act as a Proxy-Server
-p, --port= Port of the Proxy-Server (default is 8888)
--api-host= Host of the sqlmapapi (default is localhost:8775)
--version Show version
SQLMap options
--random-agent Use randomly selected HTTP User-Agent header value
--threads= Max number of concurrent HTTP(s) requests (default 10)
--dbms= Force back-end DBMS to this value
--os= Force back-end DBMS operating system to this value
--tamper= Use given script(s) for tampering injection data
--level= Level of tests to perform (1-5, default 1)
--risk= Risk of tests to perform (0-3, default 1)
--batch Never ask for user input, use the default behaviour
--mobile Imitate smartphone through HTTP User-Agent header
--smart Conduct through tests only if positive heuristic(s)
开启sqlmapapi
python sqlmapapi.py -s
开启代理服务
ruby sqli-hunter.rb -s -p 8888
配置浏览器的代理
~/Code/SQLi-Hunter(master) ruby sqli-hunter.rb -s -p 8888
[2015-01-08 17:17:27] INFO WEBrick 1.3.1
[2015-01-08 17:17:27] INFO ruby 2.1.3 (2014-09-19) [x86_64-linux]
[2015-01-08 17:17:27] INFO WEBrick::HTTPProxyServer#start: pid=9533 port=8888
192.168.3.98 - - [08/Jan/2015:17:17:31 HKT] "GET http://testphp.vulnweb.com/artists.php?artist=1 HTTP/1.1" 200 5384
- -> http://testphp.vulnweb.com/artists.php?artist=1
[+] Vulnerable: e2f84b1494893827 requestFile: /tmp/c94863efe7bf03459aea27877426dada
然后开搞
python sqlmap.py -r /tmp/c94863efe7bf03459aea27877426dada
|
|
QQ群⑧:
窥视卡
雷达卡
发表于 2018-10-22 13:03:27
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
显身卡