What is SQLMAP

SQLMAP

SQLmap is a popular, free tool used for penetration testing to detect and exploit SQL injection vulnerabilities in web applications. Since its launch in 2006, it has become a go-to tool for improving web security.

SQLmap is an open-source program designed to automatically identify and exploit SQL injection weaknesses. It’s packed with features that, under the right conditions, can take full control of a vulnerable SQL server. SQLmap can generate a lot of activity and should only be used with permission from the system owner. Unauthorized use is illegal.

SQL injection (SQLi) is a type of attack where hackers manipulate the database queries sent by an application. This can lead to serious issues like accessing sensitive information, altering data, or even corrupting databases.

Use of SQLmap

SQLmap is used to check if a website is vulnerable to SQL injection attacks. For example, if you find a URL like:

http://testphp.vulnweb.com/artists.php?artist=1

Here, the part after ?artist= is the GET parameter. This could be a potential entry point for an SQL injection attack. If vulnerable, an attacker could use this to access or manipulate data in the website’s database.

SQLmap works best with websites built using PHP, as it often interacts with databases in ways that can expose vulnerabilities. However, it can also be effective with other technologies under the right conditions.

An asterisk (1) can be used to replace the value in the get request parameter to see if your website is susceptible. As an illustration,

http://testphp.vulnweb.com/artists.php?artist=1

We can declare with certainty that the website is susceptible if this leads to an error like the one mentioned above.

Installing sqlmap

SQLmap is pre-installed on Kali Linux, making it a preferred choice for penetration testers.If you’re using other Linux distributions based on Debian, you can easily install SQLmap by running the following command in the terminal:

sudo apt-get install sqlmap


This will download and install SQLmap on your system. After installation, you can start using it to test for SQL injection vulnerabilities.

Usage

For demonstration purposes, we will utilize a website that is intentionally constructed with vulnerabilities in this article:
http://testphp.vulnweb.com/artists.php?artist=1

You can see that by modifying the value of cat, the user can modify a GET request parameter (artists=1). This means that this kind of SQL injection could be possible for this website.
We make use of SQLMAP to test for this. Enter the following in the terminal to view the set of arguments that can be passed:
sqlmap -h    

The graphic above displays the parameters that we will utilize for the simple SQL Injection. In addition to them, we’ll also employ the -dbs and -u parameters, whose use was covered in Step

Using SQLMAP to test a website for SQL Injection vulnerability:

  • List information about the existing databases

Make a list of the details for the current databases. Therefore, in addition to the -u argument, we must first give the site url that we wish to verify. If we want to test the website with proxies, we can also use the –tor argument. Normally, what we would want to do is find out if access to a database is possible. To do this, we use the –dbs option. All of the accessible databases are listed using –dbs.

sqlmap – http://testphp.vulnweb.com/artists.php?artist=1–dbs

  • List information about Tables present in a particular Database 
    Our command needs to be slightly altered in order to attempt accessing any of the databases. The database name that we want to access is now specified with -D, and after we get access to the database, we want to check to see if we can access the tables. We make use of the –tables query for this. Allow us to retrieve the correct database.


sqlmap -u http://testphp.vulnweb.com/artists.php?artist=1-D acuart –tables

 

Eight tables can be seen that have been retrieved in the image above. We can now be certain that the website is weak.

  • List information about the columns of a particular table 

The following command can be used to inspect the columns of a specific table; the table name is specified with -T, and the column names are queried with -columns. Our goal is to gain entry to the “artists” table.

 sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T artists –columns

  • Dump the data from the columns 

Similar to this, we may use the following command to get the data in a particular column. The -dump query retrieves the data, and -C allows us to specify multiple column names separated by commas.

sqlmap -u http://testphp.vulnweb.com/artists.php?artist=1 -D acuart -T artists -C aname –dump 

Categories: Applied AI Cyber Defentech Cyber Security Design Ethical Hacking Ethical hacking in delhi Ethical hacking institute in delhi Ethical hacking institute in rohini Programming Rohini Delhi rohini sec 8 SQL SQLMAP Tools
Related Tags:

Leave A Comment

Cyber Defentech offers comprehensive cybersecurity training and certifications, empowering professionals to safeguard digital environments against evolving cyber threats.

Contact Us

  • D-12/77, Sector-08, Near Rohini East Metro Station Gate No-02, Rohini Delhi 110085
  • info@cyberdefentech.com
  • +91 8448046612
  • +91 9310945866

News & Blog

Course

Copyright 2024 by Cyberdefentech