Part 13 - Exploiting SQLI

Video Activity

This lesson focuses on using SQL map in Kali or Kali 2 to check a database, run a scan and discover vulnerabilities.

Join over 3 million cybersecurity professionals advancing their career
Sign up with
Required fields are marked with an *
or

Already have an account? Sign In »

Time
4 hours 20 minutes
Difficulty
Intermediate
CEU/CPE
5
Video Description

This lesson focuses on using SQL map in Kali or Kali 2 to check a database, run a scan and discover vulnerabilities.

Video Transcription
00:03
>> This is the meat and potatoes
00:03
>> of this video section here.
00:03
>> We're going to be using sqlmap.
00:03
If you're running Kali or Kali 2,
00:03
sqlmaps are already pre-built in.
00:03
So you're not going to have
00:03
>> to use the python sqlmap.py.
00:03
>> You're just going to type sqlmap
00:03
and then the rest of the command.
00:03
We have the command calling sqlmap-u.
00:03
It's asking for the URL, and we say--DBS .
00:03
It's telling you to check the database.
00:03
Let's go and run that real quick.
00:03
[NOISE]
00:03
Here we are in our environment.
00:03
We're going to type sqlmap-u
00:03
>> "http://192.168.0.12"--dbs,
00:03
>> and run that. There's an error.
00:03
Now see for this,
00:03
you can't just type in the address like this.
00:03
You need an address field which has an ID field.
00:03
Let's look at our page here
00:03
[NOISE].
00:03
Let's take this address
00:03
and search sqlmap again said and see what we get.
00:03
[NOISE]
00:03
Let's run that and see what we get back.
00:03
This page itself is not vulnerable to a sqlmap attack.
00:03
Its final with an ID field.
00:03
[NOISE] It got a name.
00:03
[NOISE] Here's an id equals to. Just copy that.
00:03
Let's go back to our command here.
00:03
[NOISE]
00:03
Let's attempt a database enumeration from that one.
00:03
We're going to tell it yes,
00:03
to check for the others.
00:03
I'm going to include all of the MySQL.
00:03
It tells us, hey, this is vulnerable,
00:03
but do we want to keep testing the others, if any?
00:03
I'll say yes. Let's see what we get.
00:03
Now it tells us here,
00:03
that we have available databases,
00:03
exercises, and information schema.
00:03
Let's go back to our slide and explain our next step.
Up Next