- _____ ____ ____
- |_ _|__ __ _ _ __ ___ / ___|_ __ ___ _ _/ ___| ___ ___
- | |/ _ \/ _` | '_ ` _ \ | | _| '__/ _ \ | | \___ \ / _ \/ __|
- | | __/ (_| | | | | | | | |_| | | | __/ |_| |___) | __/ (__
- |_|\___|\__,_|_| |_| |_| \____|_| \___|\__, |____/ \___|\___|
- |___/
- ====================| twitter.com/GreySecTeam |====================
- --> Xecurity, Binary_, XPRMX, i3TheGod, IrishSec <---
- "grab em by the rce" - Binary_
- We are not #Anonymous,
- We forget.
- We do not give a shit.
- We are here to burn all your establishments.
- #GSec
- =====================================================================
- sQLmaP cHeaT sHeeT
- ------------------------
- [Self-Explanatory Ticks]:
- --ignore-redirects
- --ignore-timeouts
- --random-agent
- --skip-static
- --identify-waf
- --------------------------
- -g (Dork) :: [Google Dorks]
- --gpage (number) :: [Set how many pages to dork]
- -x (sitemap.xml url) :: [Scans sitemaps for vulns]
- -m (/file/path) :: [Scans full texts, etc.]
- -a/--all :: [Enums EVERYTHING]
- --output-dir (path/here) :: [Tell SQLMap where to save dumped dbs]
- --dump-format (HTML) :: [Saves dump as CSV, HTML, or SQLite]
- ------------------------------
- --web-root (path/here) :: [Sets Web ROOT directory (var/www, etc)]
- --file-write (name.txt) :: [Creates a file inside of var/www.]
- --file-read (path/file(/etc/passwd,etc)) :: [Loads defined loc/file from server]
- --os-bof :: [SQLMap will search for stored Buffer Overflow]
- --os-smbrelay :: [Prompts for Meterpreter, OOB Shell / VNC]
- --msf-path :: [Loads / Uses MSF from defined path for further depth in testing.]
- --priv-esc :: [If user is DBA then it will escalate user privs to root.]
- --alert=(CMD) :: [ Runs OS Command after SQLi is found. ]
- ===============================================================
- Tamper Scripts to bypass WAF:
- -General(All Purpose):
- apostrophemask,apostrophenullencode,base64encode,between,chardoubleencode,charencode,charunicodeencode,equaltolike,greatest,ifnull2ifisnull,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2plus,space2randomblank,unionalltounion,unmagicquotes
- ----
- -MSSQL:
- between,charencode,charunicodeencode,equaltolike,greatest,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,sp_password,space2comment,space2dash,space2mssqlblank,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes
- -----
- -MySQL:
- between,bluecoat,charencode,charunicodeencode,concat2concatws,equaltolike,greatest,halfversionedmorekeywords,ifnull2ifisnull,modsecurityversioned,modsecurityzeroversioned,multiplespaces,nonrecursivereplacement,percentage,randomcase,securesphere,space2comment,space2hash,space2morehash,space2mysqldash,space2plus,space2randomblank,unionalltounion,unmagicquotes,versionedkeywords,versionedmorekeywords,xforwardedfor
- =======================================================================
- -ORACLE Blind:
- -b :: [Tells SQLMap to use BLIND technique only]
- --dbms="oracle" :: [Sets Backend-DBMS to oracle]
- --technique="T" :: [Sets technique to Time-Based Blind]
- =======================================================================
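For defenders reading the tamper-script list above: several of the General entries (space2comment, randomcase, space2plus, charencode, chardoubleencode) only change how a payload is spelled, so a rule that canonicalizes input first still sees them. This Python sketch is an added example, not part of the original paste or of sqlmap; the sample values are constructed and the function names are hypothetical.

```python
import re
from urllib.parse import unquote_plus

# Constructed parameter values (not captured traffic), each shaped like the
# output of one tamper script named in the General list above.
SAMPLES = {
    "plain": "1 UNION SELECT user,password FROM users",
    "space2comment": "1/**/UNION/**/SELECT/**/user,password/**/FROM/**/users",
    "randomcase": "1 uNiOn SeLeCt user,password fRoM users",
    "space2plus": "1+UNION+SELECT+user,password+FROM+users",
    "charencode": "1%20%55%4E%49%4F%4E%20%53%45%4C%45%43%54%20user",
    "chardoubleencode": "1%2520%2555%254E%2549%254F%254E%2520%2553%2545%254C%2545%2543%2554%2520user",
    "benign": "union station, select seating",
}

RULE = re.compile(r"\bunion\s+(?:all\s+)?select\b")

def canonicalize(value, max_rounds=3):
    """Reduce a raw parameter value to one canonical form before matching."""
    for _ in range(max_rounds):  # peel nested URL encoding, '+' becomes space
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    value = re.sub(r"/\*.*?\*/", " ", value, flags=re.S)  # inline comment -> space
    value = re.sub(r"\s+", " ", value)  # collapse whitespace runs
    return value.lower().strip()  # keyword case no longer matters

def naive_hit(value):
    """Literal rule on the raw value: what the tamper scripts are built to evade."""
    return bool(re.search(r"UNION\s+SELECT", value))

def hardened_hit(value):
    """Same signature, applied after canonicalization."""
    return bool(RULE.search(canonicalize(value)))

def report(samples=SAMPLES):
    """Map each sample name to (naive_hit, hardened_hit)."""
    return {name: (naive_hit(v), hardened_hit(v)) for name, v in samples.items()}

if __name__ == "__main__":
    for name, (naive, hardened) in report().items():
        print(f"{name:17} naive={naive!s:5} hardened={hardened}")
```

Only the plain sample trips the literal rule, while every tampered variant trips the canonicalized one and the benign string trips neither. Signature matching of this kind supplements parameterized queries in the application; it does not replace them.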