
SQL injection using SQLMAP

Danilo Vezzoni

December 13th, 2012

SQL injection

sqlmap is open source and requires only a Python installation to run.

It fully supports MySQL, Oracle, PostgreSQL and Microsoft SQL. Besides these four database management systems, sqlmap can also identify Microsoft Access, DB2, Informix, Sybase and Interbase.

This powerful tool is driven from the command line. Next we will look at the commands most frequently used to extract data from a web site.

For this guide, I will use Backtrack, which comes with sqlmap already installed. You can find it under:

Applications  >>  Backtrack  >>  Exploitation Tools  >>  Web Exploitation Tools  >>  sqlmap

When running it, you will see something like this:

For this tutorial I have prepared a vulnerable site. The first step is to find a section to inject. I will use the following:

To find out whether the site is vulnerable, we must generate an error. To do this, I'm going to change the number 7 to a single quote ('). I could have used a negative number or anything else. If the site is vulnerable, it should show some kind of error.
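Why the single quote produces an error, and what the fix looks like on the application side, shown as an added example that is not part of the original post. It assumes a constructed SQLite table named `noticias` standing in for the site's backend; the table, its row and the function names are hypothetical.

```python
import re
import sqlite3

def make_db():
    """Constructed in-memory database standing in for the site's backend."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE noticias (id INTEGER PRIMARY KEY, titulo TEXT)")
    db.execute("INSERT INTO noticias VALUES (7, 'Sample article')")
    return db

def vulnerable_lookup(db, raw_id):
    """The injectable pattern: text from the request becomes part of the SQL."""
    query = "SELECT titulo FROM noticias WHERE id = " + raw_id
    try:
        return db.execute(query).fetchall()
    except sqlite3.Error as exc:
        # A page that echoes this message is showing the error described above.
        return "SQL error: %s" % exc

def hardened_lookup(db, raw_id):
    """Validate the expected type, then bind the value instead of concatenating."""
    if not re.fullmatch(r"[0-9]{1,9}", raw_id):
        return []  # non-numeric id: behave like "not found", reveal nothing
    # The ? placeholder keeps the value out of the SQL text entirely.
    return db.execute(
        "SELECT titulo FROM noticias WHERE id = ?", (int(raw_id),)
    ).fetchall()

if __name__ == "__main__":
    db = make_db()
    # The three inputs mentioned in the text: the normal id, a quote, a negative.
    for value in ("7", "'", "-1"):
        print("input %r" % value)
        print("  vulnerable:", vulnerable_lookup(db, value))
        print("  hardened:  ", hardened_lookup(db, value))
```
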

Once we’ve found where we want to do the injection, we run the following command to get the names of the databases of the site:

python sqlmap.py -u "<URL of the vulnerable page>" --dbs

Now we have the database name, which is smartene_SEH.

Next we'll look up the table names. To do that, we run a similar command with some extra parameters.

python sqlmap.py -u "<URL of the vulnerable page>" -D smartene_SEH --tables

Finally, to dump a table and get its information, we need to run the following command:

python sqlmap.py -u "<URL of the vulnerable page>" -D smartene_SEH -T usuarios --dump

As a result, we’ll get the data of that table:

That's all there is to it!


