Skip to content


stamparm edited this page Oct 30, 2014 · 17 revisions


Verbose output (option -v set to 3):

Verbose output set to 3

Concatenation of three tamper scripts to obfuscate the injected SQL payloads (option --tamper set to between,randomcase,space2comment):

Tamper scripts in action

Cracking dumped databased users' password hashes (switch --passwords):

Users' password hashes cracking

Enumerating database table's columns (switch --columns):

Database table's columns dump

Mnemonics (option -z set to "flu,bat,tec=B"):

Mnemonics usage

Conducting through tests only if positive heuristic(s) (switch --smart):

Smart mode

DNS exfiltration technique (option --dns-domain):

DNS exfiltration technique

Identify WAF/IDS/IPS protection (switch --identify-waf):

Identify WAF/IDS/IPS protection

HTTP parameter pollution (switch --hpp):

HTTP parameter pollution

Replicating table to a local SQLite3 database (option --dump-format set to SQLITE):

Replicated table

Dumping table to HTML format (option --dump-format set to HTML):

Dumped table to HTML

OS pwn mode (Meterpreter) (switch --os-pwn):

OS pwn mode

OS shell mode (switch --os-shell):

SQL shell mode

SQL shell mode (switch --sql-shell):

SQL shell mode

Wizard mode (switch --wizard):

Wizard mode

sqlmap wiki pages

User's manual


  • FAQ - Frequently Asked Questions
  • Presentations - Materials from sqlmap team presented at conferences
  • Screenshots - Collection of screenshots demonstrating some of features
  • Third party libraries - Detailed information about third-party libraries and tools used by sqlmap
Clone this wiki locally
You can’t perform that action at this time.