Scribd
Upload
184 views8 pages

SQLMap: Essential Tool for SQL Injection Testing

SQLMap is an open-source penetration testing tool designed to automate the detection and exploitation of SQL injection vulnerabilities in web applications. It offers features such as database enumeration, data extraction, and support for multiple database systems, making it essential for security professionals. The document also outlines common SQLMap commands and their functions for effective usage in penetration testing.

Uploaded by

omrajbhoi370
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
184 views8 pages

SQLMap: Essential Tool for SQL Injection Testing

SQLMap is an open-source penetration testing tool designed to automate the detection and exploitation of SQL injection vulnerabilities in web applications. It offers features such as database enumeration, data extraction, and support for multiple database systems, making it essential for security professionals. The document also outlines common SQLMap commands and their functions for effective usage in penetration testing.

Uploaded by

omrajbhoi370
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd

05/08/2025, 19:14 SQLMap | Hackviser

Pentesting Hardening Tools Searchctrl K

SQLMap

Want to Practice These Techniques?


Try Hackviser's interactive cyber security upskilling platform - Learn by doing!

Start Practicing Now

SQLMap
"SQLMap's powerful detection engine and extensive range of features
make it an indispensable tool for security professionals seeking to identify
and mitigate SQL injection risks efficiently." -Troy Hunt

What is the purpose of SQLMap?


SQLMAP is an open source penetration testing tool. SQLMAP automates the
process of discovering SQL injection flaws and exploits them to access and provide
control over database servers. In addition, it has advanced features, including its
proprietary detection engine, in support of penetration testing.

Here are the primary uses of SQLMap:

SQL Injection Testing: SQLMap automates the detection and exploitation of


SQL injection vulnerabilities in web applications. It systematically tests different
payloads to identify weak points.
Database Schema: SQLMap enumerates the databases, tables, and columns in
a vulnerable database. It allows to consider the database schema in detail, so it
is very important for further analysis.
Data Extraction: SQLMap extracts user-requested data from a vulnerable
database. Seeing the ability to extract data from the user may allow the impact
of the vulnerability to be estimated.

[Link] 1/8
05/08/2025, 19:14 SQLMap | Hackviser

Database Management: SQLMap performs various database management


tasks and executing spesific SQL commands. It allows security professionals to
manage the database remotely, providing valuable insights into database
configurations and settings.
Support for Multiple Databases: SQLMap is compatible with various database
management systems such as MySQL, PostgreSQL, Oracle, Microsoft SQL
Server and SQLite. This versatility allows SQLMap to be used with more users in
a variety of environments and to work more integrated with other tools.

Core Features
Automatic SQL Injection Detection
Database Fingerprinting
Database Enumeration
Data Extraction
Access to the File System
Privilege Escalation
Support for Multiple Database Systems
Advanced Injection Techniques
Customizable Payloads and Options
Batch and Automation Support

Data sources
Target Application Data
Database Management Systems (DBMS)
Public Vulnerability Databases
Security Advisories and Exploits
Database Error Messages
Network Traffic
Input Parameters and Forms
Historical Scan Data

Common SQLMap Commands


[Link] 2/8
05/08/2025, 19:14 SQLMap | Hackviser

1. Basic SQL Injection Test


This command provides that tests a given URL for SQL injection vulnerabilities.
It simply shows the users if the target URL is vulnerable to SQL injection attacks
by looking at the response for different SQL payloads.

sqlmap -u <target_URL>

2. Enumerating Databases
This command retrieves the list of all databases available in the target
application and enumerates the data. It helps in understanding the database
structure as it just returns the list of all available databases.

sqlmap -u <target_URL> --dbs

3. Enumerating Tables
This command lists the tables in a specific database by numbering them.
Familiarizing SQLmap users with the structure and tables of the database will
make it easier during the data extraction process.

sqlmap -u <target_URL> -D <database_name> --tables

4. Enumerating Columns
This command retrieves columns from a specific table. It provides insights into
the data stored in the table by numbering and listing column names and data
types, which is critical for data extraction.

sqlmap -u <target_URL> -D <database_name> -T <table_name> --columns

5. Data Extraction
This command retrieves data from a table in the database. Pulling data from
the application under test is important for detecting vulnerabilities.

[Link] 3/8
05/08/2025, 19:14 SQLMap | Hackviser

sqlmap -u <target_URL> -D <database_name> -T <table_name> --dump

6. Testing for Blind SQL Injection


This option checks for blind SQL injection vulnerabilities by injecting either time
delays or Boolean conditions into the application response in case it is
vulnerable to blind SQL injection.

sqlmap -u <target_URL> --technique=BLIND

7. Specifying a Custom HTTP Header


This option allows the user to specify a custom HTTP header for the request. It is
useful for detecting a breach in the authentication process.

sqlmap -u <target_URL> --header="Custom-Header: Value"

8. Using Proxy for Traffic Analysis


This option makes SQLMap route its traffic via a given proxy. It's quite useful for
intercepting and observing the HTTP traffic that SQLMap generates against the
target [Link] ability to perform traffic analysis makes a great
contribution to the testing process.

sqlmap -u <target_URL> --proxy="[Link]

9. Saving Output to a File


This option allows the output of SQLMap operations to be saved to a specified
file. This is an important feature for reviewing and analyzing the results later.

sqlmap -u <target_URL> --output-dir=<directory>

10. Help and Usage Information


[Link] 4/8
05/08/2025, 19:14 SQLMap | Hackviser

This command displays the help menu and usage information for SQLMap.

sqlmap -h

Alternative usage:

sqlmap --help

Output Examples of SQLMap


Commands
Command Example Usage Function Output E

Tests a URL Parameter


sqlmap -u
Basic SQL for SQL vulnerable
"[Link]
Injection Test injection boolean-ba
id=1"
vulnerabilities. SQL inject

Testing for sqlmap -u Tests for blind Vulnerable


Blind SQL "[Link] SQL injection based blin
Injection id=1" --technique=BLIND vulnerabilities. injection

Tests
Testing for sqlmap -u specifically for Vulnerable
Time-based "[Link] time-based based blin
SQL Injection id=1" --technique=TIME SQL injection injection
vulnerabilities.

available
sqlmap -u Retrieves the
Enumerating databases:
"[Link] list of
Databases informatio
id=1" --dbs databases.
users, pro

sqlmap -u Lists tables in


Enumerating Table: acc
"[Link] the specified
Tables orders, pr
id=1" -D users --tables database.

[Link] 5/8
05/08/2025, 19:14 SQLMap | Hackviser

Command Example Usage Function Output E

sqlmap -u Lists columns


Enumerating "[Link] in the Column: id
Columns id=1" -D users -T accounts -- specified username,
columns table.

Extracts data
sqlmap -u id: 1, use
Data from the
"[Link] admin, pas
Extraction specified
id=1" -D users -T accounts --dump 12345
table.

sqlmap -u Dumps all


Dumping All Dumping al
"[Link] data from all
Databases databases.
id=1" --dump-all databases.

sqlmap -u Sends a
Specifying a
"[Link] request with Request se
Custom HTTP
id=1" --header="Custom-Header: a custom custom hea
Header
Value" HTTP header.

sqlmap -u Uses specified


Using Request se
"[Link] cookies in the
Cookies specified
id=1" --cookie="SESSIONID=abc123" request.

sqlmap -u Routes traffic


Using Proxy
"[Link] through a Traffic ro
for Traffic
id=1" -- specified through pr
Analysis
proxy="[Link] proxy.

Saves output
Saving sqlmap -u
to the Output sav
Output to a "[Link]
specified output dir
File id=1" --output-dir=output
directory.

Executing sqlmap -u Opens a SQL SQL shell


SQL "[Link] shell for
Commands id=1" --sql-shell manual SQL

[Link] 6/8
05/08/2025, 19:14 SQLMap | Hackviser

Command Example Usage Function Output E

command
execution.

Executes
Running OS sqlmap -u system
Shell "[Link] commands OS shell o
Commands id=1" --os-shell on the target
server.

sqlmap -u Checks for file


Checking for File inclu
"[Link] inclusion
File Inclusion successful
id=1" --file-write=[Link] vulnerabilities.

sqlmap -u
Uploads a file
Injecting "[Link] File uploa
to the target
Files id=1" --file- successful
server.
dest="/var/www/[Link]"

Loads
Using a sqlmap -u Configurat
configuration
Configuration "[Link] loaded fro
options from
File id=1" --conf-file=[Link] [Link]
a file.

Provides
Using sqlmap -u
detailed Verbose ou
Verbose "[Link]
output of the enabled
Mode id=1" --verbose=3
process.

Sets a custom
sqlmap -u
Specifying a User-Agent Request se
"[Link]
User-Agent for the custom Use
id=1" --user-agent="Mozilla/5.0"
request.

sqlmap -u Specifies the


Testing with
"[Link] HTTP method Request se
Different
id=1" --method=POST -- and data for POST metho
Methods
data="user=admin&pass=123" testing.

[Link] 7/8
05/08/2025, 19:14 SQLMap | Hackviser

Command Example Usage Function Output E

Attempts to
sqlmap -u
Bypassing bypass Web WAF bypass
"[Link]
WAFs Application attempted
id=1" --waf
Firewalls.

Tags: Web SQL Injection

[Link] 8/8

You might also like