todd-benson
Overview of SQLmap and its settings
SQLMap
Options
• -v
• -h
Target:
• -d DIRECT
• -u URL
• -r REQUESTFILE
• -l LIST
Requests:
• --data=DATA
• --cookie=COOKIE
• --scope=SCOPE
Injection
• -p PARAMETER
• --dbms=DBMS
• --os=OS
• --prefix=PREFIX
• --suffix=SUFFIX
• --tamper=TAMPER
$query = "SELECT * FROM users WHERE id=('".$_GET['id']."') LIMIT 0, 1";
sqlmap -u URL -p id --prefix "')" --suffix "AND ('abc'='abc"
$query = "SELECT * FROM users WHERE id=('1') <PAYLOAD> AND ('abc'='abc') LIMIT 0,1";
Detection:
• --level=LEVEL (1-5)
• --risk=RISK (0-3)
• --string=STRING
• --regex=REGEX
Enumeration
• --current-user
• --current-db
• --users
• --passwords
• --dbs
• --tables
• --columns
• --dump (all)
• --replicate
• --search
• --sql-query=SQLQUERY
Enumeration (cont)
• -D DB
• -T TABLES
• -C COLUMNS
• --file-read=FILE
General
• -s SESSIONFILE
• --flush-session
• --update
• --save