Learning hacking tools: the hacker next door (Part 1)!

Before explaining the tool, note that a lot of hackers use tools in their work. There is a name for one group of them: script kiddies, people who simply run scripts written by others. They do not need to understand the principles; they just use the tools directly!

Of course, a true hacker is a qualified programmer. While using tools to find vulnerabilities, they decide which tool to use, write their own scripts or files on demand, or write simple test software (including stress testing, attack, penetration and other functions).

If you want to write your own code, you must first learn a high-level language. This is a relatively lengthy process! So today I will show you how to use a hacking tool.

sqlmap is an open source penetration testing tool that automates detecting and exploiting SQL injection vulnerabilities and taking over database servers. It has a powerful detection engine, many niche features for the penetration tester, and a wide range of switches covering database fingerprinting, fetching data from the database, accessing the underlying file system, and executing commands on the operating system via out-of-band connections.

sqlmap features:

  • Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB and HSQLDB database management systems.
  • Fully supports six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query-based, stacked queries and out-of-band.
  • Supports connecting directly to the database, without going through a SQL injection, by providing DBMS credentials, IP address, port and database name.
  • Supports enumerating users, password hashes, privileges, roles, databases, tables and columns.
  • Automatically recognizes password hash formats and supports cracking them with a dictionary-based attack.
  • Supports dumping database tables entirely, or only a range of entries or specific columns of the user's choice. The user can also choose to dump only a range of characters from each column's entry.
  • Supports searching for specific database names, specific tables across all databases, or specific columns across all tables in the databases. This is useful, for example, to identify tables containing custom application credentials, where the relevant column names contain strings such as name and pass.
  • When the database software is MySQL, PostgreSQL or Microsoft SQL Server, supports downloading and uploading any file from the database server's underlying file system.
  • When the database software is MySQL, PostgreSQL or Microsoft SQL Server, supports executing arbitrary commands on the database server's underlying operating system and retrieving their standard output.
  • Supports establishing an out-of-band stateful TCP connection between the attacker machine and the database server's underlying operating system. At the user's choice, the channel can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC) session.
  • Supports privilege escalation of the database process user through Metasploit's Meterpreter getsystem command.
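
From the defender's side, the injection techniques listed above leave recognizable traces in web server access logs. The following is an added example, not code from the original post or from the sqlmap project: it classifies access-log lines by technique using heuristic patterns. The signatures, the page name and the sample log lines are constructed assumptions and are not exhaustive.

```python
import re
from urllib.parse import unquote_plus

# Heuristic signatures per technique (illustrative assumptions, not exhaustive).
SIGNATURES = [
    ("time-based blind", re.compile(r"\b(sleep|pg_sleep|benchmark)\s*\(|waitfor\s+delay", re.I)),
    ("UNION query-based", re.compile(r"\bunion\s+(all\s+)?select\b", re.I)),
    ("error-based", re.compile(r"\b(extractvalue|updatexml)\s*\(", re.I)),
    ("stacked queries", re.compile(r";\s*(select|insert|update|delete|drop|exec)\b", re.I)),
    ("boolean-based blind", re.compile(r"\b(and|or)\s+\(?\d+\)?\s*=\s*\(?\d+", re.I)),
]
# Combined-log-format line: only the request target and User-Agent are needed.
LOG_RE = re.compile(r'"(?:GET|POST) (?P<target>\S+) [^"]*" \d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"')

def classify(line):
    """Return the set of findings for one access-log line (empty set if clean)."""
    m = LOG_RE.search(line)
    if not m:
        return set()
    findings = set()
    if "sqlmap/" in m.group("ua").lower():  # sqlmap's default User-Agent prefix
        findings.add("sqlmap user-agent")
    # Decode the query string so URL-encoded payloads match the patterns.
    query = unquote_plus(m.group("target").partition("?")[2])
    for name, rx in SIGNATURES:
        if rx.search(query):
            findings.add(name)
    return findings

# Constructed sample log lines (documentation addresses, hypothetical page name).
SAMPLE_LOG = [
    '203.0.113.7 - - [01/Feb/2020:10:00:01 +0000] "GET /page.php?id=31 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Feb/2020:10:00:02 +0000] "GET /page.php?id=31%20AND%204821%3D4821 HTTP/1.1" 200 512 "-" "sqlmap/1.4#stable (http://sqlmap.org)"',
    '203.0.113.9 - - [01/Feb/2020:10:00:03 +0000] "GET /page.php?id=31%20AND%20SLEEP%285%29 HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    '203.0.113.9 - - [01/Feb/2020:10:00:04 +0000] "GET /page.php?id=31%20UNION%20ALL%20SELECT%20NULL%2CNULL HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
]

def scan(lines):
    """Map the index of each suspicious line to its sorted findings."""
    return {i: sorted(f) for i, line in enumerate(lines) if (f := classify(line))}

if __name__ == "__main__":
    for idx, found in scan(SAMPLE_LOG).items():
        print(idx, found)
```

The User-Agent header is client-controlled, so the payload patterns in the query string are the more durable signal of the two.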

Two simple examples of what it can do: sqlmap can tamper with scripts, and it can also be used to attack a site!

Next, let's get started and give you a preliminary understanding of sqlmap ~

First, we will deploy sqlmap to our Kali machine. You can get the Kali image file by replying "Kali" in the official account.

Enter the following command to deploy sqlmap on your Kali machine:

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev

cd sqlmap-dev/            # change into this directory to run sqlmap
./sqlmap.py --wizard      # simple wizard interface for beginners

After this simple setup, we can use commands to do the things that are allowed under the Network Security Law.

Next, let's try analyzing the database of my personal website:

python sqlmap.py -u "<site-name>/<page-name>.php?id=31" --dbs

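Here are several parameters:

--users            Enumerate DBMS users
--passwords        Enumerate DBMS user password hashes
--privileges       Enumerate DBMS user privileges
--roles            Enumerate DBMS user roles
--dbs              Enumerate DBMS databases
--tables           Enumerate DBMS database tables
--sql-query=QUERY  SQL statement to be executed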

Now that we have learned the basics of sqlmap, the next section will go further with sqlmap and inspect a site. If you have a problem, you can add me as a friend and we can explore it together. The Kali tools mentioned above can be obtained by replying "Kali" in the official account!

Origin blog.csdn.net/weixin_43729943/article/details/104146780