https://www.cnblogs.com/shengulong/p/7262346.html?utm_source=itdadao&utm_medium=referral
[root@nodtest home]# pwd
/opt/lampp/htdocs/info/data/User/admin/home
==========================================================
[BEGIN] 2019/4/19 16:01:18
Is the selection above correct? [Y/n]: Y
----------------------------------------------------------------------------
Installation Directory
XAMPP will be installed to /opt/lampp
Press [Enter] to continue:
----------------------------------------------------------------------------
Setup is now ready to begin installing XAMPP on your computer.
Do you want to continue? [Y/n]: Y
----------------------------------------------------------------------------
Please wait while Setup installs XAMPP on your computer.
Installing
0% ______________ 50% ______________ 100%
#########################################
----------------------------------------------------------------------------
Setup has finished installing XAMPP on your computer.
[root@nodtest tools]# cd /opt/lampp/
[root@nodtest lampp]# ls
apache2 cgi-bin error icons info libexec man modules php properties.ini share uninstall.dat
bin ctlscript.sh etc img lampp licenses manager-linux-x64.run mysql phpmyadmin RELEASENOTES temp var
build docs htdocs include lib logs manual pear proftpd sbin uninstall xampp
[root@nodtest lampp]# vim l
lampp lib/ libexec/ licenses/ logs/
[root@nodtest lampp]# vim lampp
[root@nodtest lampp]# vim lampp
[root@nodtest lampp]#
[root@nodtest lampp]#
[root@nodtest lampp]#
[root@nodtest lampp]# ./lampp start
Starting XAMPP for Linux 5.6.14-0...
XAMPP: Starting Apache...already running.
XAMPP: Starting MySQL...ok.
XAMPP: Starting ProFTPD...ok.
[root@nodtest lampp]# cd /nod/tools/
[root@nodtest tools]# ls
kodexplorer4.40.zip xampp-linux-x64-5.6.14-0-installer.run
[root@nodtest tools]# mkdir info
[root@nodtest tools]# cp kodexplorer4.40.zip info/
[root@nodtest tools]# cd info/
[root@nodtest info]# unzip kodexplorer4.40.zip
[root@nodtest info]# ls
app ChangeLog.md config data index.php kodexplorer4.40.zip plugins README.MD static
[root@nodtest info]# cd ../
[root@nodtest tools]# cp -r info/ /opt/lampp/htdocs/
[root@nodtest tools]# cd /opt/lampp/htdocs/
[root@nodtest htdocs]# ls
applications.html bitnami.css dashboard favicon.ico img index.php info webalizer
[root@nodtest htdocs]# chmod 777 info
[root@nodtest htdocs]# chmod -R 777 info/data/
[root@nodtest htdocs]# pwd
/opt/lampp/htdocs
[root@nodtest htdocs]# ls
applications.html bitnami.css dashboard favicon.ico img index.php info webalizer
[root@nodtest htdocs]# cd in
-bash: cd: in: No such file or directory
[root@nodtest htdocs]# cd info/
[root@nodtest info]# ls
app ChangeLog.md config data index.php kodexplorer4.40.zip plugins README.MD static
[root@nodtest info]# ls
app ChangeLog.md config data index.php kodexplorer4.40.zip plugins README.MD static
[root@nodtest info]# cd data/
[root@nodtest data]# ls
Group session system temp User
[root@nodtest data]# du -sh *
28K Group
8.0K session
128K system
8.0K temp
78M User
[root@nodtest data]# cd User/
[root@nodtest User]# ls
admin demo guest index.html
[root@nodtest User]# du -sh *
78M admin
36K demo
36K guest
0 index.html
[root@nodtest User]# cd admin
[root@nodtest admin]# du -sh *
28K data
78M home
4.0K recycle_kod
[root@nodtest home]# pwd
/opt/lampp/htdocs/info/data/User/admin/home
[root@nodtest home]# cd /nod/tools/
[root@nodtest tools]# ;s
-bash: syntax error near unexpected token `;'
[root@nodtest tools]# ls
info kodexplorer4.40.zip xampp-linux-x64-5.6.14-0-installer.run
[root@nodtest tools]# rz -E
-bash: rz: command not found
[root@nodtest tools]ls
-bash: **ls: command not found
[root@nodtest tools]# ls
info kodexplorer4.40.zip sqlmap.tar xampp-linux-x64-5.6.14-0-installer.run
[root@nodtest tools]# tar -zxvf sqlmap.tar
gzip: stdin: not in gzip format
tar: Child returned status 1
tar: Error is not recoverable: exiting now
[root@nodtest tools]# ls
info kodexplorer4.40.zip sqlmap sqlmap.tar xampp-linux-x64-5.6.14-0-installer.run
[root@nodtest tools]# cd sqlmap
[root@nodtest sqlmap]# ls
COMMITMENT extra LICENSE procs shell sqlmap.conf swagger.yaml thirdparty udf xml
doc lib plugins README.md sqlmapapi.py sqlmap.py tamper txt waf
ALUE=%22%20%20%20options.pkey_value%20%20%20%22&ATTACH_TYPE=1" --random-agent --dbms=oracle --dbs
___
__H__
___ ___[']_____ ___ ___ {1.3.3.36#dev}
|_ -| . [.] | .'| . |
|___|_ [)]_|_|_|__,| _|
|_|V... |_| http://sqlmap.org
pplicable local, state and federal laws. Developers assume no liability and are not responsible for any misuse or damage caused by this program
[*] starting @ 16:45:39 /2019-04-19/
Chrome/0.2.149.30 Safari/525.13' from file '/nod/tools/sqlmap/txt/user-agents.txt'
it appears that provided value for GET parameter 'TABLE_NAME' has boundaries. Do you want to inject inside? ('" options.table_name* "') [y/N] y
it appears that provided value for GET parameter 'PKEY_VALUE' has boundaries. Do you want to inject inside? ('" options.pkey_value* "') [y/N] y
[16:45:44] [INFO] testing connection to the target URL
[16:46:14] [CRITICAL] connection timed out to the target URL. sqlmap is going to retry the request(s)
xy switches ('--ignore-proxy', '--proxy',...)
[16:47:44] [CRITICAL] connection timed out to the target URL
[16:47:44] [INFO] testing if the target URL content is stable
[16:48:14] [CRITICAL] connection timed out to the target URL. sqlmap is going to retry the request(s)
[16:49:45] [CRITICAL] connection timed out to the target URL
rrors) by using higher verbosity levels
[16:49:45] [INFO] testing if GET parameter 'TABLE_NAME' is dynamic
[16:50:15] [CRITICAL] connection timed out to the target URL. sqlmap is going to retry the request(s)
[16:51:45] [CRITICAL] connection timed out to the target URL
[16:51:45] [WARNING] GET parameter 'TABLE_NAME' does not appear to be dynamic
[16:52:15] [CRITICAL] connection timed out to the target URL. sqlmap is going to retry the request(s)
there seems to be a continuous problem with connection to the target. Are you sure that you want to continue with further target testing? [y/N] Y
[17:00:06] [CRITICAL] connection timed out to the target URL
[17:00:06] [WARNING] heuristic (basic) test shows that GET parameter 'TABLE_NAME' might not be injectable
[17:00:36] [CRITICAL] connection timed out to the target URL. sqlmap is going to retry the request(s)
[17:02:06] [CRITICAL] connection timed out to the target URL
[17:02:06] [INFO] testing for SQL injection on GET parameter 'TABLE_NAME'
[17:02:06] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause'
[17:02:16] [WARNING] user aborted during detection phase
how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit]
[17:02:16] [INFO] testing 'Boolean-based blind - Parameter replace (original value)'
[17:02:17] [WARNING] user aborted during detection phase
how do you want to proceed? [(S)kip current test/(e)nd detection phase/(n)ext parameter/(c)hange verbosity/(q)uit] q
[17:02:20] [ERROR] user quit
[*] ending @ 17:02:20 /2019-04-19/
[root@nodtest sqlmap]#
[root@nodtest sqlmap]#
[root@nodtest sqlmap]#
[root@nodtest sqlmap]# df -h
Filesystem Size Used Avail Use% Mounted on
/dev/mapper/vg_nodtest-lv_root 1.9T 5.5G 1.8T 1% /
tmpfs 32G 216K 32G 1% /dev/shm
/dev/sdb1 485M 39M 421M 9% /boot
/dev/mapper/vg_nodtest-lv_home 56G 180M 53G 1% /home
[root@nodtest sqlmap]# exit
logout
Connection closed by foreign host.
Disconnected from remote host(nodtest) at 16:57:18.
Type `help' to learn how to use Xshell prompt.
[END] 2019/4/19 16:57:19