我在私有VM上尝试了SQL注入并使用了sqlmap。命令以某种方式:
sqlmap -u http://link/index.html?page=blog&title=Blog&id=5 --random-agent
给我:
[2] 16
[3] 17
-bash: --random-agent: command not found
[1] Done sqlmap -u http://link/index.html?page=blog
[3]+ Done title=Blog
但是以某种方式放--random-agent和-u第二个可以工作,但是随后sqlmap问我:
[20:29:29] [CRITICAL] heuristics detected that the target is protected by some kind of WAF/IPS/IDS
do you want sqlmap to try to detect backend WAF/IPS/IDS? [y/N] y
-bash: y: command not found
[1]+ Stopped sqlmap --random-agent -u http://link/index.html?page=blog
[2] Done title=Blog
为什么我不能输入y,为什么必须在-u前面放置选项
顺便说一下,更新,升级和重新安装无法正常工作。
答案 0 :(得分:5)
您需要在引号中加上地址:
sqlmap -u "http://link/index.html?page=blog&title=Blog&id=5" --random-agent