2.6 SQL Map Lab 3

Video Activity

Time
1 hour 49 minutes
Difficulty
Intermediate
CEU/CPE
2
Video Transcription
00:00
Everyone, welcome back to the course. So in the last video, we went ahead and used the tool called the SQL Injection Vulnerability Scanner. So I guess I showed you how to go install that, and I've got a step-by-step guide for you. And we also went ahead and ran a scan with a Google dork against 20 random websites in Google search results to see if we found any sites
00:18
with SQL injection vulnerabilities.
00:21
In this lab, we're gonna use a tool called sqlmap, and we're just gonna basically run it against a URL. So again, I'm not gonna be showing you the URL that I use, but we just want to see if that URL might be potentially vulnerable to SQL injection attacks.
00:36
Now, first things first, we're gonna be using this inside of our own Kali instance. So we're not inside of the Cybrary lab environment in this case, again, because the security settings of that particular sandbox are not gonna allow us to run certain tools and certain commands. And so we're in our own Kali instance on our own virtual machines to run this.
00:54
Now again, I want to stress that you should not be running sqlmap against
00:58
any URL or domain that you don't have permission to do so, because that is illegal in most jurisdictions.
01:04
So all we have to do to run sqlmap once we're inside of our Kali Linux instance is come up here to the top left, to Applications,
01:11
go to Exploitation Tools, and then select sqlmap. It's gonna go ahead and launch a terminal window for us,
01:17
and then we're just gonna expand this out so it's a little easier for everyone to see,
01:21
and we'll go and type in our command here. Now, again, I'm gonna be blurring out the particular URL that I'm using because I don't have permission for students to use this URL, so I don't want to show it to you and get you in any type of trouble at all. So just make sure you're using a URL that you have permission to use. So we're just gonna type in sqlmap
01:40
-u, so space, dash u,
01:42
and then the actual URL. So again, you're gonna notice here in just a second that mine blurs out, so that way you can't see the URL that I'm using.
01:49
All right, so we're just gonna press Enter on the keyboard now. So once you've typed in that command there, again, we're just taking a quick look at the, uh,
01:57
the URL to see if we see any vulnerabilities at all. That's what we're running the scan against.
02:01
Again, in the step-by-step guide I have listed out some different commands into unions for things like dumping the database, getting column information, getting database names, a lot of different things you can do in there. I've listed those out in the step-by-step guide, so be sure to download that for this particular lab.
02:17
So as we run this, you'll notice it's going to start running against the target URL. It's gonna ask us some different questions. So it's gonna identify the back-end database, and in this case, it's identified it as MySQL. And so it's gonna ask me, do you want to skip testing payloads specific for other database management systems?
02:34
And I'm gonna say yes because I just want to go ahead and skip that and save ourselves some time here.
02:39
And then it's gonna also say, for the remaining tests, do you want to include all tests for MySQL extending provided level and risk values? And I'm just going to say yes to that as well.
02:50
And we'll go ahead and run that and let that keep running attacks against our URL.
02:58
All right, so you'll see it starting to pull some information for the attack.
03:01
And basically, again, it's just gonna run against whatever URL you specified and potentially try to find some information. So sqlmap, as the name implies, is a good way to map out if there's any vulnerabilities at all. You'll see here it prompts me again, saying, hey, the GET parameter
03:16
artist is vulnerable. Do you want to keep testing the others? So do you want to keep testing other things,
03:23
or do you want to just go ahead, now that we found a vulnerability, do you want to go ahead and actually, you know, exploit it in some fashion?
03:30
So I'm gonna go ahead and just, you know, save myself some time here. Again, I'm just gonna say no to that and say, hey, that's good enough. You know, I found one, good to go, and I'll go ahead and use that. If I were performing an attack, I would actually just use that and kind of go from there.
03:46
So just say no there, and then you'll see it, you know, cancels out the use of the tool. And basically, now I know I have a vulnerability, and I can go ahead and
03:53
potentially exploit that vulnerability to do whatever nefarious thing I wanted to, or, as a pen tester, this is something that I would tell the client, like, hey, here's a specific vulnerability that you have in your server, and here's how we can fix it, right? I always want to provide a solution to that. So again, you'll notice some blurriness, um,
04:11
in this video where I blurred out the particular URL that I've been using.
04:15
But I just want to show you this tool, sqlmap, so you could potentially use it on your own. Again, in the step-by-step guide, I kind of list out different commands you can use. So take a look at that, and by the way, also make sure, if you haven't already, to download the other resources that list out some other areas that you can go to to practice your hands-on skills for SQL injection attacks.
04:33
So in this video, we just covered the sqlmap tool. In the next video, we're gonna go ahead and show you where you go to take the assessment and saw the cyber environment for this particular course.