linux poison RSS
linux poison Email

Automatic SQL injection tool - sqlmap

Whatever you do with this tool is uniquely your responsibility. If you are not authorized to punch holes in the network you are attacking be aware that such action might get you in trouble with a lot of law enforcement agencies.

sqlmap goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specific DBMS tables/columns, run his own SQL statement, read specific files on the file system and more.

sqlmap has support for MySQL, Oracle, PostgreSQL and Microsoft SQL Server back-end database management systems. Besides these four database management systems software, sqlmap can also identify Microsoft Access, DB2, Informix, Sybase and Interbase

sqlmap Installation:
Download the sqlmap .deb package from here, double click on this downloaded file to install sqlmap along with all the required dependency.

Using sqlmap:
Let's say that you are auditing a web application and found a web page that accepts dynamic user-provided values on GET or POST parameters or HTTP Cookie values or HTTP User-Agent header value. You now want to test if these are affected by a SQL injection vulnerability, and if so, exploit them to retrieve as much information as possible out of the web application's back-end database management system or even be able to access the underlying operating system.

Consider that the target url is:
http://<server ip>/sqlmap/mysql/get_int.php?id=1

Now pass the original address to sql map using command:
sqlmap -u "http://<server ip>/sqlmap/mysql/get_int.php?id=1" -v 1
Sqlmap will automatically:
  * Identify the vulnerable parameter(s) (id in this scenario);
  * Depending on the user's options, fingerprint, enumerate, takeover the database server.

sqlmap demo:

You can watch more demo videos, they are hosted on YouTube.


Post a Comment

Related Posts with Thumbnails