Sqlmap is a powerful open-source tool for automating the process of detecting and exploiting SQL injection flaws. It comes preinstalled in Linux distributions like Kali Linux or BackBox.
Some features include:
- Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems.
- Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query, stacked queries and out-of-band.
- Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port, and database name.
- Support to enumerate users, password hashes, privileges, roles, databases, tables, and columns.
- Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack.
- Support to dump database tables entirely, a range of entries or specific columns as per user’s choice. The user can also choose to dump only a range of characters from each column’s entry.
And many other features like fingerprint, enumeration, and takeover.
Sqlmap installation under Windows
To run sqlmap under Windows with NTLM authentication, we need to install python-ntlm first.
sqlmap requires python-ntlm
- Install Python 2.7.17 – https://www.python.org/downloads/release/python-2717/
- Download sqlmap – https://github.com/sqlmapproject/sqlmap/zipball/master
- Install setuptools, download https://bootstrap.pypa.io/ez_setup.py
python ez_setup.py
Setuptools installation
4. Download and extract python-ntlm from https://github.com/mullender/python-ntlm
cd python-ntlm-master\python26
python setup.py install
5. Run sqlmap:
python sqlmap.py -u https://URL –auth-type NTLM –auth-cred “Domain\Username:Password”
sqlmap 1.4.3.5
To get a list of basic options and switches use: sqlmap -h. To get a list of all options and switches use: sqlmap -hh.
To get an overview of sqlmap capabilities, we recommend reading the user’s manual (https://github.com/sqlmapproject/sqlmap/wiki).
Get in Touch With A LIFARS Expert Today!