热门标签
热门文章
- 1Ubuntu22.04 LTS 分区及配置优化(一步到位)_ubuntu 22.04 lts
- 2理解Stable Diffusion、LoRA、Dreambooth、Hypernetworks、Textual Inversion、Checkpoint_dreambooth和lora区别
- 3深入理解NLP中的文本匹配任务_机器学习 文本匹配
- 4Win10系统内置杀毒软件Windows Defender卸载方法_window defender卸载工具
- 5山东大学数据结构实验五_山东大学数据库实验五
- 6基于SpringBoot的大学生心理健康管理系统的设计与实现
- 7CRUD是什么,程序猿都应该要知道的单词
- 8基于微信江西南昌某大学图书馆座位预约小程序系统设计与实现 研究背景和意义、国内外现状_关于考研自习室座位预订微信小程序的国内外研究
- 9携程Apollo统一配置中心的搭建和使用(java)_apache apollo 和携程appolo
- 10全面解析Kafka 核心要素及其常见部署
当前位置: article > 正文
SqlmapAPI调用实现自动化SQL注入安全检测
作者:花生_TL007 | 2024-04-18 17:23:01
赞
踩
sqlmapapi
应用案例:前期通过信息收集拿到大量的URL地址,这个时候可以配置sqlmapAP接口进行批量的SQL注入检测 (SRC挖掘)
查看sqlmapapi使用方法
python sqlmapapi.py -h
- 1
启动sqlmapapi 的web服务:
任务流程:
1.创建新任务记录任务ID @get("/task/new"))
2.设置任务ID扫描信息 @post("/option/<taskid>/set")
3.开始扫描对应ID任务 @post ("/scan/<taskid>/start")
4.读取扫描状态判断结果 @get("/scan/<taskid>/status")
5.如果结束删除ID并获取结果 @get ("/task/<taskid>/delete")
6.扫描结果查看 @get("/scan/<taskid>/data")
- 1
- 2
- 3
- 4
- 5
- 6
简单使用
- 1.创建新任务记录任务ID
import requests
# 1.创建新任务记录任务ID
task_new_url='http://127.0.0.1:8775/task/new'
response=requests.get(url=task_new_url)
print(response.json())
- 1
- 2
- 3
- 4
- 5
- 6
- 2.设置任务ID扫描信息
import requests import json # 1.创建新任务记录任务ID task_new_url = 'http://127.0.0.1:8775/task/new' response = requests.get(url=task_new_url) taskid = response.json()['taskid'] # 2.设置任务ID扫描信息 data={ 'url':'http://192.168.8.3/sqli-labs-master/Less-2/?id=1' } headers={ 'Content-Type':'application/json' } task_set_url='http://127.0.0.1:8775/option/'+taskid+'/set' task_set_response=requests.post(url=task_set_url,data=json.dumps(data),headers=headers) print(task_set_response.content.decode('utf-8'))
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 3.开始扫描对应ID任务
import requests import json # 1.创建新任务记录任务ID task_new_url = 'http://127.0.0.1:8775/task/new' response = requests.get(url=task_new_url) taskid = response.json()['taskid'] # 2.设置任务ID扫描信息 data = { 'url': 'http://192.168.8.3/sqli-labs-master/Less-2/?id=1' } headers = { 'Content-Type': 'application/json' } task_set_url = 'http://127.0.0.1:8775/option/' + taskid + '/set' task_set_response = requests.post(url=task_set_url, data=json.dumps(data), headers=headers) # print(task_set_response.content.decode('utf-8')) ##### 3.开始扫描对应ID任务 task_start_url='http://127.0.0.1:8775/scan/'+taskid+'/start' task_start_data=requests.post(task_start_url,data=json.dumps(data),headers=headers) print(task_start_data.content.decode('utf-8'))
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
这边任务id和上面不一样是因为我重启了服务
- 获取扫描状态
import requests import json # 1.创建新任务记录任务ID task_new_url = 'http://127.0.0.1:8775/task/new' response = requests.get(url=task_new_url) taskid = response.json()['taskid'] # 2.设置任务ID扫描信息 data = { 'url': 'http://192.168.8.3/sqli-labs-master/Less-2/?id=1' } headers = { 'Content-Type': 'application/json' } task_set_url = 'http://127.0.0.1:8775/option/' + taskid + '/set' task_set_response = requests.post(url=task_set_url, data=json.dumps(data), headers=headers) # print(task_set_response.content.decode('utf-8')) # 3.开始扫描对应ID任务 task_start_url = 'http://127.0.0.1:8775/scan/' + taskid + '/start' task_start_data = requests.post(task_start_url, data=json.dumps(data), headers=headers) # print(task_start_data.content.decode('utf-8')) # 4.读取扫描状态判断结果 task_scan_url = 'http://127.0.0.1:8775/scan/' + taskid + '/status' task_scan_data = requests.get(task_scan_url) print(task_scan_data.content.decode('utf-8'))
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 查看结果
查看扫描结果是get请求,所以可以在浏览器中查看结果
上述代码,在每运行一次都会创建一个任务ID,所以需要进行代码优化
优化
import time import requests, json # 创建任务 def sqlmapapi(url): # 创建任务id task_new_url = 'http://127.0.0.1:8775/task/new' response = requests.get(url=task_new_url) taskid = response.json()['taskid'] if 'success' in response.content.decode('utf-8'): print('sqlmapapi task create success !') data = { 'url': url } headers = { 'Content-Type': 'application/json' } # 设置 任务 task_set_url = 'http://127.0.0.1:8775/option/' + taskid + '/set' task_set_response = requests.post(url=task_set_url, data=json.dumps(data), headers=headers) if 'success' in task_set_response.content.decode('utf-8'): print('sqlmapapi task set success !') # 扫描任务 task_start_url = 'http://127.0.0.1:8775/scan/' + taskid + '/start' task_start_data = requests.post(task_start_url, data=json.dumps(data), headers=headers) if 'success' in task_start_data.content.decode('utf-8'): print('sqlmapapi task start success !') # 获取扫描状态 while True: task_status_url = 'http://127.0.0.1:8775/scan/' + taskid + '/status' task_status_data = requests.get(task_status_url) if 'running' in task_status_data.content.decode('utf-8'): print('sqlmapapi task scan running .....') else: # 查看扫描结果 task_data_url = 'http://127.0.0.1:8775/scan/' + taskid + '/data' task_data = requests.get(task_data_url) print(task_data.content.decode('utf-8')) break time.sleep(3) if __name__ == '__main__': # url='http://192.168.8.3/sqli-labs-master/Less-2/?id=1' for url in open('url.txt'): url = url.replace('\n', '') sqlmapapi(url)
- 1
- 2
- 3
- 4
- 5
- 6
- 7
- 8
- 9
- 10
- 11
- 12
- 13
- 14
- 15
- 16
- 17
- 18
- 19
- 20
- 21
- 22
- 23
- 24
- 25
- 26
- 27
- 28
- 29
- 30
- 31
- 32
- 33
- 34
- 35
- 36
- 37
- 38
- 39
- 40
- 41
- 42
- 43
- 44
- 45
- 46
- 47
- 48
- 49
- 50
- 51
- 52
- 53
本文内容由网友自发贡献,转载请注明出处:https://www.wpsshop.cn/w/花生_TL007/article/detail/447258
推荐阅读
相关标签
