Notes

sqlmap

What is sqlmap?

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Options

       __H__
 ___ ___["]_____ ___ ___  
|_ -| . ["]     | .'| . |
|___|_  ["]_|_|_|__,|  _|
      |_|V...       |_|   https://sqlmap.org

Usage: python3 sqlmap [options]

Options:

  -h, --help            Show basic help message and exit
  -hh                   Show advanced help message and exit
  --version             Show program's version number and exit
  -v VERBOSE            Verbosity level: 0-6 (default 1)

Target:

  At least one of these options has to be provided to define the
  target(s)

  -u URL, --url=URL   Target URL (e.g. "http://www.site.com/vuln.php?id=1")
  -g GOOGLEDORK       Process Google dork results as target URLs

Request:

  These options can be used to specify how to connect to the target URL

  --data=DATA         Data string to be sent through POST (e.g. "id=1")
  --cookie=COOKIE     HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
  --random-agent      Use randomly selected HTTP User-Agent header value
  --proxy=PROXY       Use a proxy to connect to the target URL
  --tor               Use Tor anonymity network
  --check-tor         Check to see if Tor is used properly

Injection:

 These options can be used to specify which parameters to test for,
 provide custom injection payloads and optional tampering scripts

 -p TESTPARAMETER    Testable parameter(s)
 --dbms=DBMS         Force back-end DBMS to provided value

Detection:

  These options can be used to customize the detection phase

  --level=LEVEL       Level of tests to perform (1-5, default 1)
  --risk=RISK         Risk of tests to perform (1-3, default 1)

Techniques:

  These options can be used to tweak testing of specific SQL injection
  techniques

  --technique=TECH..  SQL injection techniques to use (default "BEUSTQ")

Enumeration:

 These options can be used to enumerate the back-end database
 management system information, structure and data contained in the
 tables

 -a, --all           Retrieve everything
 -b, --banner        Retrieve DBMS banner
 --current-user      Retrieve DBMS current user
 --current-db        Retrieve DBMS current database
 --passwords         Enumerate DBMS users password hashes
 --tables            Enumerate DBMS database tables
 --columns           Enumerate DBMS database table columns
 --schema            Enumerate DBMS schema
 --dump              Dump DBMS database table entries
 --dump-all          Dump all DBMS databases tables entries
 -D DB               DBMS database to enumerate
 -T TBL              DBMS database table(s) to enumerate
 -C COL              DBMS database table column(s) to enumerate

Operating system access:

    These options can be used to access the back-end database management
    system underlying operating system

    --os-shell          Prompt for an interactive operating system shell
    --os-pwn            Prompt for an OOB shell, Meterpreter or VNC

General:

    These options can be used to set some general working parameters

    --batch             Never ask for user input, use the default behavior
    --flush-session     Flush session files for current target

Miscellaneous:

    These options do not fit into any other category

    --wizard            Simple wizard interface for beginner users

Source

Man page sqlmap
Sqlmap hindi