首頁 >後端開發 >php教程 >基于PHP开发的SQLMAP-Web-GUI

基于PHP开发的SQLMAP-Web-GUI

WBOY
WBOY原創
2016-06-20 12:53:51985瀏覽

SQLmap是一款用来检测与利用SQL注入漏洞的免费开源工具,有一个非常棒的特性,即对检测与利用的自动化处理(数据库指纹、访问底层文件系统、执行命令)。SQLMAP-Web-GUI是一款使用PHP作为前端程序开发的Web版SQLMAP,和命令行版一样功能非常齐全。

Here is a few quick videos I made to show that almost all of your usual SQLMAP command line functionality is still possible via this Web GUI.

Demo against: Windows 2003 Server, IIS/6.0 + ASP + MS-SQL 2005

  • YOUTUBE: http://youtu.be/8MRew20Q1xE

Demo against: Linux (CentOS), Apache, MySQL, PHP

  • YOUTUBE: http://youtu.be/cs2Gvss0v-k

Blog Write-Up: http://kaoticcreations.blogspot.com/

Requirements:

  • Linux, Apache, PHP (check your favorite distro's wiki or forum pages, or use google)
    • PHP 5.3+ is suggested, older versions not tests so mileage may vary
  • Python and any SQLMAP dependencies (refer to their wiki for any help there)
  • Clone this repo to your machine
    • Edit the sqlmap/inc/config.php file so the paths all point to the right locations on your system
    • Copy the entire sqlmap/ directory and contents to your web root directory (cd SQLMAP-Web-GUI && cp -R sqlmap/ /var/www/)
    • When you want to use, simply fire up the sqlmap API server (python /home/user/tools/sqlmap/sqlmapapi.py -s)
    • Then you can navigate to the Web GUI address in your Browser to begin (firefox http://127.0.0.1/sqlmap/index.php)

项目主页:http://www.open-open.com/lib/view/home/1435627850310

陳述:
本文內容由網友自願投稿,版權歸原作者所有。本站不承擔相應的法律責任。如發現涉嫌抄襲或侵權的內容,請聯絡admin@php.cn