Sim*_*cke 1 sql linux bash sql-injection
我在私有VM上尝试了SQL注入并使用了sqlmap.不知怎的命令:
sqlmap -u http://link/index.html?page=blog&title=Blog&id=5 --random-agent
给我:
[2] 16
[3] 17
-bash: --random-agent: command not found
[1] Done sqlmap -u http://link/index.html?page=blog
[3]+ Done title=Blog
但是首先把--random-agent和-u第二个以某种方式工作但是然后sqlmap问我:
[20:29:29] [CRITICAL] heuristics detected that the target is protected by some kind of WAF/IPS/IDS
do you want sqlmap to try to detect backend WAF/IPS/IDS? [y/N] y
-bash: y: command not found
[1]+ Stopped sqlmap --random-agent -u http://link/index.html?page=blog
[2] Done title=Blog
为什么我不能输入y,为什么我必须在-u前面添加选项
更新,升级和重新安装不起作用.
您需要将地址放在引号中:
sqlmap -u "http://link/index.html?page=blog&title=Blog&id=5" --random-agent
否则,你会在后台为每个&符号启动一个进程.
| 归档时间: |
|
| 查看次数: |
92 次 |
| 最近记录: |