我运行 SQLMAP 来测试其中一个站点的 SQL 注入(inject),并得到以下信息。
sqlmap identified the following injection points with a total of 78 HTTP(s) requests:
---
Place: GET
Parameter: id
Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause
Payload: id=666' AND 1737=1737 AND 'pQMi'='pQMi
---
web server operating system: Windows Vista
web application technology: ASP.NET, ASP.NET 1.1.4322, Microsoft IIS 7.0
back-end DBMS: Microsoft SQL Server 2005
我不确定,这么多信息让这个网站容易受到多大程度的攻击?
最佳答案
第一个 sqlmap 仅在 78 个请求中发现了该漏洞,这意味着不需要很长时间就能发现该漏洞,并且基于注入(inject)的攻击是 2013 年的最大威胁。根据此信息,唯一的限制是数据库管理员设置的权限,不同的 SQL 语法以及攻击者的想象力。提取数据和/或破坏数据可能很简单。
来自 OWASP:
SQL Injection has become a common issue with database-driven web sites. The flaw is easily detected, and easily exploited, and as such, any site or software package with even a minimal user base is likely to be subject to an attempted attack of this kind.
Essentially, the attack is accomplished by placing a meta character into data input to then place SQL commands in the control plane, which did not exist there before. This flaw depends on the fact that SQL makes no real distinction between the control and data planes.
结果的底部显示了其他潜在可利用的信息,这些信息可能允许更有针对性的攻击。诸如Metasploit之类的程序(打包在 SQLMAP 中)然后可用于针对 Microsoft SQL Server 2005、Windows Vista 和/或 Microsoft IIS 7.0 中的漏洞。如果攻击者发现由于他们在 sql server 中的访问级别而无法获得他们想要的内容,他们就可以利用 MSSQL 2005 进行用户权限升级。可以获得的任何信息都可以用于不同的利用路径来获取访问/更改您的数据。
More Information about the type of problem you have
关于asp.net - SQLMAP来测试sql注入(inject),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/18657741/