Use SQLmap like a pro - Part 01

SQLmap

Many hackers or cyber security researchers use different kind of tools for their web application penetration testing. But, when you come to the topic, " SQL Injection " it becomes a versatile tool . Even, in kali linux it remains as a inbuilt tool for it's good functionality. So, let's try to know how to use it like a pro. 

What is SQLmap ?

SQLmap is a web application penetration tool which is a modular framework written in python which automatically detects possible SQL Injection vulnerability and exploit them.  

Why SQLmap is famous to all cyber security lovers ?

Because, it the best automatic tool for exploit the SQL Injection vulnerability. Also, a hacker must have a knowledge about that particular database to exploit that . But, SQLmap can perform SQL Injection to these databases, 

• MySQL
• Oracle
• PostgreSQL
• Microsoft SQL Server
• Microsoft Access
• IBM DB2
• SQLite
• Firebird
• Sybase
• SAP MaxDB and many more.

And this thing made the tool so unique than the other. 

Basic  work flow when you are working with SQLmap

Enumerate database information such as database name, database version and, other details.

There may be more than 1 databases in a web application. So, select a particular database to enumerate that database's tables.

Select a particular table and enumerate the columns present in that table.

Select columns and enumerate rows to extract data.

How to install ?

There are two ways to install SQLmap.  But, both method will be required python installed on the system. As, I have mentioned you befofe that, it is a modular framework written in python . The 2 methods are,

1. Through git clone.
2. Through pip.

Through Git Clone

• apt update -y
• apt upgrade -y
• apt install python3 -y
• apt install git -y
• git clone https://github.com/sqlmapproject/sqlmap
• cd sqlmap
• python3 sqlmap.py --help

Through pip

• apt update -y
• apt upgrade -y
• apt install python3 -y
• pip3 install sqlmap
• sqlmap --help

 Hack with SQLmap from now. 

Happy hacking. 💓