sqlmap - why (not how) it works?
•
8 likes•7,299 views
These are the slides from a talk "sqlmap - why (not how) it works?" held at Navaja Negra & ConectaCon 2015 (Albacete / Spain)
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Viewers also liked
Viewers also liked (14)
Similar to sqlmap - why (not how) it works?
Similar to sqlmap - why (not how) it works? (17)
More from Miroslav Stampar
Recently uploaded
Recently uploaded (20)
sqlmap - why (not how) it works?
- 1. sqlmap – why (not how) it works? Miroslav Stampar (miroslav@sqlmap.org) sqlmap – why (not how) it works? Miroslav Stampar (miroslav@sqlmap.org)
- 2. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 2 Formal introduction sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
- 3. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 3 Birthday
- 4. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 4 Short history Daniele Belluci (@belch) – July 1st 2006, birthday of @sqlmap Bernardo Damele A. G. (@inquisb) – late 2006, joins the @sqlmap Daniele Belluci (@belch) – late 2006, leaves the @sqlmap Miroslav Stampar (@stamparm) – late 2009, joins the @sqlmap ...and they lived happily ever after :)
- 5. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 5 sqlmap.py (1) Version Release date Switches / options Code files LOC Total size 0.(0.)1 2006-06-01 16 3 339 64KB 0.2 2006-12-13 20 7 1117 116KB 0.3 2007-01-20 24 8 1731 160KB 0.4 2007-06-15 34 18 3819 468KB 0.5 2007-11-04 37 23 5711 680KB 0.6 2008-09-01 47 55 11920 1.2MB 0.7 2009-07-25 75 85 19387 5.1MB 0.8 2010-03-14 94 96 22840 5.7MB 0.9 2011-04-10 115 212 38787 9.5MB 1.0(-dev-f89ce21) 177 375 60995 12MB
- 6. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 6 sqlmap.py (2)
- 7. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 7 sqlmap.py (3)
- 8. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 8 sqlmap.org (1)
- 9. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 9 sqlmap.org (2)
- 10. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 10 sqlmap.org (3)
- 11. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 11 sqlmap.org (4)
- 12. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 12 SourceForge (obsolete)
- 13. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 13 Mailing list (deprecated)
- 14. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 14 GitHub (1)
- 15. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 15 GitHub (2) cuckoobox/cuckoo beefproject/beef andresriancho/w3af sqlmapproject/sqlmap rapid7/metasploit-framework bro/bro sleuthkit/sleuthkit wireshark/wireshark aircrack-ng/aircrack-ng ...
- 16. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 16 GitHub (3)
- 17. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 17 GitHub (4)
- 18. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 18 GitHub (5)
- 19. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 19 GitHub (6)
- 20. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 20 GitHub (7)
- 21. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 21 sqlmapreporter (1)
- 22. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 22 sqlmapreporter (2)
- 23. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 23 sqlmapreporter (3)
- 24. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 24 sqlmapreporter (4)
- 25. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 25 testenv (1)
- 26. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 26 testenv (2)
- 27. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 27 testenv (3)
- 28. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 28 Benchmark (sectoolmarket.com)
- 29. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 29 Twitter (1)
- 30. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 30 Twitter (2)
- 31. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 31 Twitter (3)
- 32. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 32 Twitter (4)
- 33. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 33 Twitter (5)
- 34. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 34 Donations (PayPal)
- 35. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 35 ???
- 36. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 36 Donations (Ƀitcoin)
- 37. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 37 Dual license (1)
- 38. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 38 Dual license (2)
- 39. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 39 sqlmappro (1)
- 40. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 40 sqlmappro (2)
- 41. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 41 BOFH (1)
- 42. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 42 BOFH (2)
- 43. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 43 BOFH (3)
- 44. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 44 BOFH (4)
- 45. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 45 Answer to the title's question Because of the long-lasting enthusiasm of a couple of guys having a large, (very) demanding and quite responsive user-base (and couple of angry trolls) ... ...and they lived happily ever after :)
- 46. Navaja Negra & ConectaCon, Albacete (Spain) October 02nd, 2015 46 Questions?