GSecReborn

SQLMap CheatSheet by #GSEC

Oct 22nd, 2017
====================| twitter.com/GreySecTeam |====================

--> Xecurity, Binary_, XPRMX, i3TheGod, IrishSec <---

"grab em by the rce" - Binary_


We are not #Anonymous,
We forget.
We do not give a shit.
We are here to burn all your establishments.
#GSec
=====================================================================
sQLmaP cHeaT sHeeT
------------------------
[Self-Explanatory Ticks]:
--ignore-redirects
--ignore-timeouts
--random-agent
--skip-static
--identify-waf
--------------------------
-g (Dork) :: [Google Dorks]
--gpage (number) :: [Set how many pages to dork]
-x (sitemap.xml url) :: [Scans sitemaps for vulns]
-m (/file/path) :: [Scans full texts, etc.]
-a/--all :: [Enums EVERYTHING]
--output-dir (path/here) :: [Tell SQLMap where to save dumped dbs]
--dump-format (HTML) :: [Saves dump as CSV, HTML, or SQLite]
------------------------------
--web-root (path/here) :: [Sets Web ROOT directory (var/www, etc)]
--file-write (name.txt) :: [Creates a file inside of var/www.]
--file-read (path/file(/etc/passwd,etc)) :: [Loads defined loc/file from server]
--os-bof :: [SQLMap will search for stored Buffer Overflow]
--os-smbrelay :: [Prompts for Meterpreter, OOB Shell / VNC]
--msf-path :: [Loads / Uses MSF from defined path for further depth in testing.]
--priv-esc :: [If user is DBA then it will escalate user privs to root.]
--alert=(CMD) :: [Runs OS Command after SQLi is found.]
===============================================================
Tamper Scripts to bypass WAF:
-General (All Purpose):
apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
----
-MSSQL:
between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes
-----
-MySQL:
between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor
=======================================================================
-ORACLE Blind:
-b :: [Tells SQLMap to use BLIND technique only]
--dbms="oracle" :: [Sets Backend-DBMS to oracle]
--technique="T" :: [Sets technique to Time-Based Blind]
=======================================================================
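
Defender-side added example, not part of the original paste and not sqlmap code: several of the tamper scripts listed above (space2comment, space2plus, randomcase, charencode, chardoubleencode, versionedkeywords, multiplespaces) only change how a payload is encoded, so a signature that runs on the raw request misses them while the same signature on canonicalized input does not. The function names, the small demo signature and the sample query strings are constructed for illustration.

```python
import re
from urllib.parse import unquote

# Small demo signature, applied only after normalization (assumption, not a full ruleset).
SQLI_RE = re.compile(r"\bunion\s+(?:all\s+)?select\b|\bsleep\s*\(")

def canonicalize(value: str, max_rounds: int = 3) -> str:
    """Reduce a raw query string to one canonical form before matching."""
    value = value.replace("+", " ")                       # space2plus
    for _ in range(max_rounds):                           # charencode, chardoubleencode
        decoded = unquote(value)
        if decoded == value:
            break
        value = decoded
    value = value.replace("\x00", "")                     # apostrophenullencode (%00%27)
    # versionedkeywords / modsecurityversioned: MySQL runs the body of /*!NNNNN ... */
    value = re.sub(r"/\*!\d*(.*?)\*/", r" \1 ", value, flags=re.S)
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)  # space2comment
    value = re.sub(r"\s+", " ", value)                    # multiplespaces, space2randomblank
    return value.lower().strip()                          # randomcase

def naive_detect(raw_query: str) -> bool:
    """The weak check: signature on the raw string, lowercased only."""
    return SQLI_RE.search(raw_query.lower()) is not None

def detect(raw_query: str) -> bool:
    """The hardened check: same signature, canonical input."""
    return SQLI_RE.search(canonicalize(raw_query)) is not None

# Constructed sample query strings, one per evasion family, plus a benign one.
SAMPLES = {
    "space2comment+randomcase": "id=1%2F%2A%2A%2FUnIoN%2F%2A%2A%2FsElEcT%2F%2A%2A%2F1%2C2",
    "chardoubleencode": "id=1%2520UNION%2520SELECT%25201",
    "space2plus": "id=1+union+select+1",
    "versionedkeywords": "id=1/*!UNION*//*!ALL*//*!SELECT*/1",
    "benign": "q=student+union+events&page=2",
}

if __name__ == "__main__":
    for name, query in SAMPLES.items():
        print(f"{name:26} naive={naive_detect(query)!s:5} canonical={detect(query)}")
```

Canonicalization belongs in front of logging and alerting as well as blocking, so that the stored request matches what the database would actually have parsed.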