1. We found that this website may have a SQL injection vulnerability, so we performed a blind SQL injection test to check. Enter and 1=1 in the address bar and you will see that the page is displayed normally. Then enter and 1=2. The page will show an error, indicating that the page may have a SQL injection vulnerability.

2. Now take out our Kali tool, sqlmap, to perform an injection test.

    sqlmap -u "http://219.153.49.228:49634/new_list.php?id=1" --dbs

3. It can be seen that there is an injection vulnerability and that 5 databases were found. To get the admin user password, we can start with the stormgroup database. View the tables that exist in the stormgroup database:

    sqlmap -u "http://219.153.49.228:49634/new_list.php?id=1" -D stormgroup --tables

4. Next, check which columns exist in member.

    sqlmap -u "http://219.153.49.228:49634/new_list.php?id=1" -D stormgroup -T member --columns

5. In the previous step, you can see that the name and password columns look familiar. Next, we get the data of these two columns.

6. You can see that the password is stored as an MD5 hash. Next, we will recover the plaintext. Here I recommend to you a variety of decryption URLs I collected myself.

7. Now the password is in front of us! Find the admin back-end (background) address and log in.

8. END. Login successful. Get the flag and submit it. Game over!

Summary

This article ends here. I hope it can be helpful to you.
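Why the and 1=1 / and 1=2 check in step 1 gives two different pages, and how a validated, parameterized query removes that difference, shown as an added example that is not part of the original article. It assumes the page builds its query by string concatenation; the table name news, the sample rows, the function names and the use of SQLite in place of the site's database are all assumptions made for illustration.

```python
import re
import sqlite3

# The three inputs from step 1: the plain id, then the true and false conditions.
PROBES = ["1", "1 and 1=1", "1 and 1=2"]


def make_db():
    # Constructed sample data; table and column names are assumptions.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(1, "Maintenance notice"), (2, "Release notes")])
    return db


def fetch_vulnerable(db, raw_id):
    # The request value is concatenated into the statement, so anything
    # after the number is parsed as SQL and changes which rows come back.
    sql = "SELECT title FROM news WHERE id = " + raw_id
    return db.execute(sql).fetchall()


def fetch_parameterized(db, raw_id):
    # Validate the type first, then bind the value. The statement text is
    # fixed, so the input can never add a condition to it.
    if not re.fullmatch(r"[0-9]{1,10}", raw_id):
        raise ValueError("id must be a decimal integer")
    return db.execute("SELECT title FROM news WHERE id = ?",
                      (int(raw_id),)).fetchall()


def outcomes(fetch, db):
    # Row count per probe, or "rejected" when validation refuses the input.
    results = []
    for value in PROBES:
        try:
            results.append(len(fetch(db, value)))
        except ValueError:
            results.append("rejected")
    return results


if __name__ == "__main__":
    db = make_db()
    print("concatenated :", outcomes(fetch_vulnerable, db))
    print("parameterized:", outcomes(fetch_parameterized, db))
```

In the concatenated version the true and false conditions produce different row counts, which is the signal the blind test relies on; in the parameterized version both are handled identically, so the response no longer depends on the injected condition.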