本文详细介绍了SQLmap工具的dump功能,特别是如何使用其参数来精细地从数据库中导出表格数据。包括如何使用--dump、--DB、--TBL、--COL等开关进行基本操作,以及如何通过--sql-query和--sql-file选项执行自定义SQL查询以导出特定条件下的数据。
https://github.com/sqlmapproject/sqlmap/wiki/FAQ
sqlmap is very granular in terms of dumping entries from a table. The relevant switches are:
--dump Dump DBMS database table entries
-D DB DBMS database to enumerate
-T TBL DBMS database table to enumerate
-C COL DBMS database table column to enumerate
--start=LIMITSTART First query output entry to retrieve
--stop=LIMITSTOP Last query output entry to retrieve
--first=FIRSTCHAR First query output word character to retrieve
--last=LASTCHAR Last query output word character to retrieve
However, in some cases you might want to dump all entries given a custom WHEREcondition. For
such cases, we recommend using one of the following switches:
--sql-query=QUERY SQL statement to be executed
--sql-shell Prompt for an interactive SQL shell
--sql-file=SQLFILE Execute SQL statements from given file(s)
For example:
--sql-query "SELECT user, password FROM users WHERE privilege='admin'"
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
