Defination:
An open source penetration testing tool that perform the process of detecting and exploiting SQL injection flaws and taking over of database servers which is developed by Bernardo Damele A.G. and Miroslav Stamper.
SQLmap contains:
- Powerful detection engine.
- Features for penetration tester
- Broad range of switches for so many purpose.
Characteristics of SQLmap:
- Support database management system like MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB.
- It support all the six SQL injection techniques(boolean-based blind, time-based blind, error- based, UNION query-based, stacked queries and out-of-band)
- Only by providing DBMS credentials, IP address, port and database name it can directly connect to the database
- It establishes a number of users, password hashes, privileges, roles, databases, tables and columns.
- It can easily search for specific database names, specific tables across all databases or specific columns across all databases' tables.
- As per user's choice it can dumb database tables entirely, a range of entries or specific columns.
- It can download and upload any file from the database server underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Serve
Steps to install SQLmap:
Step 1: Install VMware
VMware is a free and easy to use software where we can able to run multiple OS at the same time. For having a IP address for the VM you have to select Bridge for your adapter. Just intall the VMware from official website of VMware.
Step 2: Ubuntu Installation
This is the link to download latest UBuntu iso http://www.ubuntu.com, select the ISO as the boot media for your guest and start the virtual machine. After that select the install option and Ubuntu will be automatically installed onto the virtual hard disk.
Step 3: SQLmap Installation
Python is pre-installed in Ubuntu so all you need to do is download sqlmap from sourceforge, unpack it into a directory and start your testing.
wget from http://sqlmap.sourceforge.net/#download
Unpack it with a GUI based tool (double click on it) or use tar and gzip together with this command.
tar zxvf sqlmap-0.9.tar.gz
cd sqlmap
python sqlmap.py
This should be your results when you run the sqlmap.py script from a working installation:
sqlmap/0.9 - automatic SQL injection and database takeover tool
http://sqlmap.sourceforge.net
Usage: python sqlmap.py [options]
sqlmap.py: error: missing a mandatory parameter ('-d', '-u', '-l', '-r', '-g', '-c', '--wizard' or '--update'), -h for help
The error is merely telling us we did not fill in the necessary parameters for a test to take place. You can repeat the command using the (-h) to get a full list of options or see the excellent online help and tutorials on the sqlmap project page.
For a simple test we will use the HTTP GET testing option against a single url.
python sqlmap.py -u 'http://mytestsite.com/page.php?id=5'
This will run a bunch of sql injection tests against that URL with the parameter (id) being tested for SQL Injection.
Here is the video of shell uploading through SQLmap.
Watch Video:
Usage:
To get a list of basic options and switches use:
python sqlmap.py -h
To get a list of all options and switches use:
python sqlmap.py -hh
If You want a sample run then go this link
ليست هناك تعليقات:
إرسال تعليق