What is Sqlmap – Troubleinthepeace


Today we talk about Hacking with an old but new tool. SQL Injection vulnerabilities have been around for a long time and are quite familiar to us. However, this error is old but still dangerous for any website to make.

You are viewing: What is Sqlmap

The reason is compared to the lack of care in the process of writing data processing code for the website. This vulnerability is often used by Kiddie Scripts to wreak havoc. By the way, if you don’t know who Script Kidde is referring to? then please read here.

This error allows an intruder to request the server to return data without logging in. So what do you think if the information about the admin account is requested to be sent to Hacker? Is the whole site going to die with this Hacker’s trick?

Leverage SQLMap to Find SQL Injection Vulnerabilities

You don’t have to work hard to learn each command line like before and it doesn’t take too much time. If you are a Kidde Script ? You will definitely love it SQLMap and what it can do for you. First of all, I would like to briefly explain about SQLMap for those who do not know.

What is SQLMap?

This is a tool to help you exploit SQL-related vulnerabilities quickly. This tool is considered the most powerful weapon in terms of exploiting this SQL vulnerability. When learning Hacking, you definitely have to use it more or less.

It has many features suitable for SQL penetration testers and a bunch of automatic branching tools to get a database footprint to fetch data from the database. Supports access to the underlying file system and command execution on the operating system over an out-of-band connection.

That is, when you get in, you will be able to manipulate their data through the network.

*

Operating system Kali Linux or Back Track 5 SQLMap is already built in. But for Windows, you have to install Python and SQLMAP to use it. Because SQLMap is written in Python and requires a Python library in your computer to run.

See also: What is Gp – Meaning of the word General Practitioner

Install Python

As mentioned above, to use SQLMap, you must have a Python library on your computer. You can download and install the Python library at the homepage https://www.python.org/ (version 2.7 or higher is recommended).

What’s new in SQLMap v1.2.9?

This is a weapon that has existed for a long time through many versions. But now, it has just been updated to version 1.2.9 with many new features. Specifically, information about the new features in this update is:

Full support for database management systems MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB and Informix.Full support for six SQL Injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band.Allows a direct connection to the database without passing through SQL injection. You just need to enter DBMS login information, IP address, Port and Database name you want to connect. (This is my favorite) Supports user enumeration, password hashing, privileges, roles, databases, tables and columns.Helps you crack the hash of user passwords. That means you can reverse decrypt and get the password of any user you want. Allow backup (backup) of the database as you like. Gives full control of the database when Successfully infiltrated. Allows you to Download and Upload Files comfortably to the Database very quickly.

There are a few more special features that I have not listed. You can experience and enjoy yourself with this new version. Now I will guide you to install SQLMap (remember to install Python first).

Install SQLMap

You can download the compressed file directly at one of the two links below.

See more: What is OEM – What is OEM and Odm product

Link 1
Link 2
Alternatively, you can use the command Git to Clone the original from the manufacturer.

git clone –depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

Using

Use the command below to display the basic commands in SQLMap v1.2.9

Source: internet

About Troubleinthepeace

Troubleinthepeace specializing in synthesizing information about daily life activities

View all posts by Troubleinthepeace →

Trả lời

Email của bạn sẽ không được hiển thị công khai.