SQLMAP TUTORIAL

Introduction:- sqlmap is a Python-based, open-source penetration testing tool. It is the most powerful SQL injection automation tool and comes preinstalled in Kali Linux. It works on both local and remote database servers. sqlmap helps to dump the database columns, tables, and all files in the remote server database as the user chooses, and it also helps us to read and write the database files under certain conditions. sqlmap uses six injection techniques: UNION query-based, boolean-based blind, time-based blind, error-based, stacked queries, and out-of-band SQL injection. It works on both GET and POST parameters.

In this tutorial I am just going to dump the username and password of the vulnerable application from the database server through a GET parameter.

Lab Environment:-

  1. Kali Linux
  2. Testing site (Acunetix web application)

Now I will try manually with two different IDs in the URL:-

First I tried to break the query with a single quote (') in php?artist=1 and php?artist=3, and I successfully broke both IDs with the same result. So the ID value does not matter; we need to find a GET or POST parameter to do SQL injection.

php?artist=1

php?artist=3

Step 1:- I opened the vulnerable web application (testphp.vulnweb.com) and looked for a GET parameter, and I ended up with the GET parameter in the “Browse Artists” block. The ID can be anything; we don’t need to care about it. We have to find the GET parameter when doing manual injection on the site.


Step 2:- In Kali Linux, run the sqlmap -h command for help. It helps us with further enumeration.

Step 3:- -u is for the URL: http://testphp.vulnweb.com/artists.php?artist=1

--dbs (databases): fetches the database names from the server.

Here is the list of database names (acuart and information_schema).

Step 4:- After the database names, we need to find the table names in the database server. --tables -D acuart is the command to fetch the tables from the database acuart.

Here is the list of tables fetched from the database acuart.

Step 5:- Now fetch the columns from the table named user in the database acuart.

Here is the list of columns.

Step 6:- Now run the command for dumping the column data.

Here is the dumped data; the username and password of the web application were successfully retrieved.
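Why the single-quote test and the sqlmap run both work, and the fix, as an added example that is not part of the original tutorial or the test site's code. It assumes the page builds its query by string concatenation; sqlite3 stands in for the site's database, and the table names, column names and rows are constructed for illustration.

```python
import re
import sqlite3

def make_db():
    # Constructed sample data; table and column names are hypothetical.
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE artists (artist_id INTEGER PRIMARY KEY, aname TEXT);
        CREATE TABLE users (uname TEXT, pass TEXT);
        INSERT INTO artists VALUES (1, 'artist one'), (3, 'artist three');
        INSERT INTO users VALUES ('demo_user', 'demo_pass');
    """)
    return db

def artist_vulnerable(db, artist):
    # The GET value is pasted into the SQL text, so the database parses it as SQL.
    sql = "SELECT aname FROM artists WHERE artist_id = " + artist
    try:
        return [row[0] for row in db.execute(sql)]
    except sqlite3.Error as exc:
        # A stray quote no longer parses: the "broken query" of the manual test.
        return "SQL error: %s" % exc

def artist_hardened(db, artist):
    # 1) Allow-list: the id must be a short run of ASCII digits.
    if not re.fullmatch(r"[0-9]{1,9}", artist):
        return []
    # 2) Bind the value as a parameter so it is always data, never SQL text.
    sql = "SELECT aname FROM artists WHERE artist_id = ?"
    return [row[0] for row in db.execute(sql, (int(artist),))]

def compare(values):
    # Run each input through both handlers against the same sample database.
    db = make_db()
    return {v: (artist_vulnerable(db, v), artist_hardened(db, v)) for v in values}

if __name__ == "__main__":
    probes = ["1", "3", "1'", "1 UNION SELECT uname FROM users"]
    for value, (weak, safe) in compare(probes).items():
        print("%-34r vulnerable=%r hardened=%r" % (value, weak, safe))
```

With the hardened handler, the quote and the UNION input return no rows and never reach the SQL parser, so the ID value stops mattering to the database in the way the manual test relied on.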


1 thought on “SQLMAP TUTORIAL”

  1. I am extremely impressed with your writing talents as smartly as with the structure in your weblog. Is that this a paid topic or did you customize it your self? Either way keep up the excellent quality writing, it’s rare to see a nice weblog like this one today.
