52ky 发表于 2022-9-12 11:35:40

穿山甲SQL注入

Pangolin是一款Windows平台下的自动化SQL注入浸透测试工具。他终结了从检测到利用终结一体化的浸透攻击动作,尽可能的将SQL注入攻击作用最大化。1.支持的数据库类型数据库类型方案信息获取别的MSSQL服务器版本、服务器称号、数据库称号、当时用户、当时用户权限、数据库列表履行系统命令、读取注册表、读文件、写文件、下载远程文件、导出数据到指定的数据库服务器Oracle版本信息、IP地址、当时用户、当时会话权限、主机名、实例称号、用户帐号信息、外部IP地址帐号破解、注入提权(adding)Mysql版本、GPC判别、数据库列表、暂时目录、当时用户、操作系统信息、用户帐号读文件、写文件Access数据库途径、根目录、磁盘信息只能暴力PostgreSQL版本信息、数据库、当时用户、当时会话用户、端口、数据途径、查找途径读文件

(Pangolin is an automated SQL injection penetration testing tool for Windows. He terminates the infiltration attack action from detection to utilization termination integration, and maximizes the effect of SQL injection attacks as much as possible. 1. Supported database types Database type scheme information Obtain other MSSQL server version, server name, database name, current user, current user authority, database list, execute system commands, read registry, read files, write files, download remote files , Export data to the specified database server Oracle version information, IP address, current user, current session authority, host name, instance name, user account information, external IP address account cracking, injecting privileges (adding) Mysql version, GPC discrimination, Database List, Temporary Directory, Current User, Operating System Information, User Account Read File, Write File Access Database Path, Root Directory, Disk Information Only PostgreSQL Version Information, Database, Current User, Current Session User, Port, Data Path, Find ways to read files)




页: [1]
查看完整版本: 穿山甲SQL注入