SQLmap
Upcoming SlideShare
Loading in...5
×
 

SQLmap

on

  • 697 views

Overview of SQLmap and it's settings

Overview of SQLmap and it's settings

Statistics

Views

Total Views
697
Views on SlideShare
697
Embed Views
0

Actions

Likes
0
Downloads
6
Comments
0

0 Embeds 0

No embeds

Accessibility

Categories

Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

Cancel
  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
    Processing…
Post Comment
Edit your comment

SQLmap SQLmap Presentation Transcript

  • SQLMap
  • Options • -v • -h
  • Target: • • • • -d DIRECT -u URL -r REQUESTFILE -l LIST
  • Requests: • --data=DATA • --cookie=COOKIE • --scope=SCOPE
  • Injection • • • • • • -p PARAMETER --dbms=DBMS --os=OS --prfix=PREFIX --suffix=SUFFIX --tamper=TAMPER
  • $query = “SELECT * FROM users WHERE id=(‘ ”.$_GET*‘id’+.” ’) LIMIT 0, 1”; Sqlmap –u URL –p id –prefix “’)” –suffix “AND (‘abc’=abc” $query = SELECT * FROM users WHERE id=(‘1’) <PAYLOAD> AND (‘abc’=‘abc’) LIMIT 0,1”;
  • Detection: • • • • --level=LEVEL (1-5) --risk=RISK (0-3) --string=STRING --regex=REGEX
  • Enumeration • • • • • • • • • • • --current-user --current-db --users --passwords --dbs --tables --columns --dump (all) --replicate --search --sql-query=SQLQUERY
  • Enumeration (cont) • • • • -D DB -T TABLES -C COLUMNS --file-read=FILE
  • General • • • • -s SESSIONFILE --flush-session --update --save