76
SQLmap注入获取Webshell及系统权限研究-simeon技术专栏
source link: http://blog.51cto.com/simeon/2116819
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
使用SQLmap除了能进行SQL注入渗透测试外,其还提供了强大的命令执行功能可以进行udf提权、MSSQL下xp_cmdshell提权,在条件允许的情况下,可以获取操作系统shell和SQL shell,有的还可以直接获取系统权限。本文对SQLmap如何获取webshell及系统权限进行讨论。
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK