SQL Injection Via SQLMap

Palvinder Singh conducted a web application penetration test using SQLMap on http://test.php.vulnweb.com/search.php?test=query. He used SQLMap to find the database name "Acuart", enumerate the tables, collect information from the users table, and crack the MD5 hashed password to discover the username and password were both "test".

Uploaded by

lebahkayu.id

Available Formats

Download as PDF, TXT or read online on Scribd

Download as pdf or txt

0% found this document useful (0 votes)

41 views10 pages

SQL Injection Via SQLMap

Uploaded by

lebahkayu.id

Available Formats

Download as PDF, TXT or read online on Scribd

Download as pdf or txt

You are on page 1/ 10

Palvinder Singh | Cyber Security Expert Web Application Penetration

Testing

Web Application Penetration Testing

SQL Injection via SQLMap (Kali Linux)

Over a Legal Testing Website
http://test.php.vulnweb.com/

Mr. Palvinder Singh

Cyber Security Expert

1
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Introduction:
sqlmap is an open source penetration testing tool that automates the
process of detecting and exploiting SQL injection flaws and taking over
of database servers. It comes with a powerful detection engine, many
niche features for the ultimate penetration tester and a broad range of
switches lasting from database fingerprinting, over data fetching from
the database, to accessing the underlying file system and executing
commands on the operating system via out-of-band connections.

2
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Features:
● Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft
Access, IBM DB2, SQLite, Firebird, Sybase, SAP MaxDB, HSQLDB and Informix
database management systems.
● Full support for six SQL injection techniques: boolean-based blind, time-based blind,
error-based, UNION query-based, stacked queries and out-of-band.
● Support to directly connect to the database without passing via a SQL injection, by
providing DBMS credentials, IP address, port and database name.
● Support to enumerate users, password hashes, privileges, roles, databases,
tables and columns.
● Automatic recognition of password hash formats and support for c racking them using a
dictionary-based attack.
● Support to dump database tables entirely, a range of entries or specific columns as per user's
choice. The user can also choose to dump only a range of characters from each column's entry.
● Support to search for specific database names, specific tables across all
databases or specific columns across all databases' tables. This is useful, for
instance, to identify tables containing custom application credentials where relevant columns' names
contain string like name and pass.
● Support to download and upload any file from the database server underlying file system
when the database software is MySQL, PostgreSQL or Microsoft SQL Server.
● Support to execute arbitrary commands and retrieve their standard output on
the database server underlying operating system when the database software is MySQL, PostgreSQL
or Microsoft SQL Server.
● Support to establish an out-of-band stateful TCP connection between the
attacker machine and the database server underlying operating system. This channel
can be an interactive command prompt, a Meterpreter session or a graphical user interface (VNC)
session as per user's choice.
● Support for d atabase process' user privilege escalation via Metasploit's Meterpreter
getsystem command.

3
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Execution Over Kali Linux:

Step 1:
Find the Get Method of the website by checking all the link and submitting the
input.

i.e. ?something=something

http://test.php.vulnweb.com/search.php?test=query

4
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Step 2:
http://test.php.vulnweb.com/search.php?test=query - - dbs

Find The Name Of Database Of The Website

The name of the Database is Acuart.

5
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Step 3:
Finding all tables in the database

http://test.php.vulnweb.com/search.php?test=query –D acurat - -tables

6
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Step 4:
Collecting Information about users table.

http://test.php.vulnweb.com/search.php?test=query –D acurat –T users

–dump

7
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

System is asking For the dictionary because the password is in the md5
form.

8
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

After Searching the password in the Default wordlist we find the user
name is test and password is also test

9
Palvinder Singh | Cyber Security Expert Web Application Penetration
Testing

Capstone Project Solution of Threat Modeling
No ratings yet
Capstone Project Solution of Threat Modeling
6 pages
ACA BigData Consolidated Dump
No ratings yet
ACA BigData Consolidated Dump
29 pages
Manual SQL Injection Using DVWA
100% (1)
Manual SQL Injection Using DVWA
16 pages
PHP Microservices
From Everand
PHP Microservices
Carlos Pérez Sánchez
3/5 (1)
Abusing SQL
No ratings yet
Abusing SQL
135 pages
Skskksks
No ratings yet
Skskksks
25 pages
Sqlmap - By-22011556-105
No ratings yet
Sqlmap - By-22011556-105
22 pages
Web Penetration Testing Checklist For Bug Hunters
No ratings yet
Web Penetration Testing Checklist For Bug Hunters
7 pages
Web Application Security: ISACA Bangalore Chapter Aug 2007 Runa Dwibedi
No ratings yet
Web Application Security: ISACA Bangalore Chapter Aug 2007 Runa Dwibedi
49 pages
Web Application Security: ISACA Bangalore Chapter Aug 2007 Runa Dwibedi
No ratings yet
Web Application Security: ISACA Bangalore Chapter Aug 2007 Runa Dwibedi
49 pages
Cyber Security Hackathon Training
No ratings yet
Cyber Security Hackathon Training
69 pages
Database Security Lab Manual
100% (2)
Database Security Lab Manual
65 pages
Security
No ratings yet
Security
9 pages
AD Penetration Testing + Red Team Tactics
100% (1)
AD Penetration Testing + Red Team Tactics
10 pages
Database Penetration Testing
No ratings yet
Database Penetration Testing
15 pages
Cyber Security Greens Syllabus
No ratings yet
Cyber Security Greens Syllabus
35 pages
OWASP Web and Mobile App Security
No ratings yet
OWASP Web and Mobile App Security
101 pages
Introduction To Web Penetration Testing
No ratings yet
Introduction To Web Penetration Testing
60 pages
Ciso Wapt Finalppt 201201112006
No ratings yet
Ciso Wapt Finalppt 201201112006
25 pages
Module 05
No ratings yet
Module 05
60 pages
Use SQLMAP SQL Injection To Hack A Website and Database in Kali Linux
No ratings yet
Use SQLMAP SQL Injection To Hack A Website and Database in Kali Linux
19 pages
Chapter 7 Application Vulnerabilities
No ratings yet
Chapter 7 Application Vulnerabilities
73 pages
Ethical Hacking and Cyber Security - IIT Roorkee
No ratings yet
Ethical Hacking and Cyber Security - IIT Roorkee
4 pages
Active Directory Pentest Course
No ratings yet
Active Directory Pentest Course
10 pages
18bit0236 Ism Lab Da 6
No ratings yet
18bit0236 Ism Lab Da 6
13 pages
Presentacion-Tema-2-Test de Penetracion
No ratings yet
Presentacion-Tema-2-Test de Penetracion
33 pages
Cyber_Security__Ethical_Hacking_Course_Content_-_Latest
No ratings yet
Cyber_Security__Ethical_Hacking_Course_Content_-_Latest
5 pages
Task-1 (pt)
No ratings yet
Task-1 (pt)
35 pages
WAS Unit 4 PPT
No ratings yet
WAS Unit 4 PPT
32 pages
The Fundamentals of Network Penetration Testing
No ratings yet
The Fundamentals of Network Penetration Testing
6 pages
Chapter 05 - Application Attacks - Handout
No ratings yet
Chapter 05 - Application Attacks - Handout
59 pages
Core Impact Pro Data Sheet
No ratings yet
Core Impact Pro Data Sheet
2 pages
Active Directory Pentest Course 1705144142
No ratings yet
Active Directory Pentest Course 1705144142
10 pages
Web Application Security - SQL Injection Attacks: For Example
No ratings yet
Web Application Security - SQL Injection Attacks: For Example
2 pages
WWW Stationx Net Penetration Testing Tools For Kali Linux
No ratings yet
WWW Stationx Net Penetration Testing Tools For Kali Linux
12 pages
Vulnerabilities in Modern Web Applications
100% (1)
Vulnerabilities in Modern Web Applications
34 pages
Active Directory Penetration Testing Training Online
No ratings yet
Active Directory Penetration Testing Training Online
10 pages
Cypress
No ratings yet
Cypress
2 pages
Levelup0X Bug Bounty Hunting Training
100% (2)
Levelup0X Bug Bounty Hunting Training
8 pages
9 Ways To Hack A Web App
No ratings yet
9 Ways To Hack A Web App
48 pages
Domain 4
No ratings yet
Domain 4
8 pages
Auditing-Oracle-Database Joa Eng 1114
No ratings yet
Auditing-Oracle-Database Joa Eng 1114
7 pages
Nilesh Chouibisa
No ratings yet
Nilesh Chouibisa
15 pages
TechCorp IAM Implementation Plan
No ratings yet
TechCorp IAM Implementation Plan
11 pages
04. Security Testing Worklfow (1)
No ratings yet
04. Security Testing Worklfow (1)
18 pages
With Emphasis On Web Applications Security Related Issues
0% (1)
With Emphasis On Web Applications Security Related Issues
28 pages
Intern
No ratings yet
Intern
12 pages
Hack2Secure Web Application Security Testing Workshop Reference Guide
No ratings yet
Hack2Secure Web Application Security Testing Workshop Reference Guide
9 pages
SQLDEV320A Week 9-1
No ratings yet
SQLDEV320A Week 9-1
38 pages
Auditing The Development of Web-Based Applications: Jian Zhen
No ratings yet
Auditing The Development of Web-Based Applications: Jian Zhen
44 pages
L11 WebTesting
No ratings yet
L11 WebTesting
38 pages
Information Gathering Test Name
No ratings yet
Information Gathering Test Name
15 pages
Desenvolvimento Seguro
No ratings yet
Desenvolvimento Seguro
215 pages
Burp Suite
No ratings yet
Burp Suite
35 pages
Security Best Practices For Postgresql: Whitepaper
No ratings yet
Security Best Practices For Postgresql: Whitepaper
14 pages
OWASP Top Ten Proactive Controls v3
No ratings yet
OWASP Top Ten Proactive Controls v3
110 pages
Web Application Pentesting
No ratings yet
Web Application Pentesting
6 pages
A Closer Look On C&C Panels: Seminar On Practical Security Tandhy Simanjuntak
No ratings yet
A Closer Look On C&C Panels: Seminar On Practical Security Tandhy Simanjuntak
39 pages
SomeVulnerabilityScans & PenetrationTest
No ratings yet
SomeVulnerabilityScans & PenetrationTest
52 pages
Mastering Kali Linux for Advanced Penetration Testing
From Everand
Mastering Kali Linux for Advanced Penetration Testing
Robert W. Beggs
4/5 (1)
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
From Everand
Advanced Penetration Testing for Highly-Secured Environments: The Ultimate Security Guide
Lee Allen
4.5/5 (6)
Documentation and Data Management
No ratings yet
Documentation and Data Management
3 pages
Oct2024_KeyFunctionality_RPFtemplate (1)
No ratings yet
Oct2024_KeyFunctionality_RPFtemplate (1)
48 pages
Chapter 1 C++
No ratings yet
Chapter 1 C++
16 pages
C.S.R. Prabhu, "E-governenceC.S.R. Prabhu, "E-Governence
0% (1)
C.S.R. Prabhu, "E-governenceC.S.R. Prabhu, "E-Governence
2 pages
Syllabuss
No ratings yet
Syllabuss
2 pages
UNIT 1 DBMS
No ratings yet
UNIT 1 DBMS
66 pages
(Ebooks PDF) Download Database Engineering Engineering Handbook P.K. Ghosh Full Chapters
100% (6)
(Ebooks PDF) Download Database Engineering Engineering Handbook P.K. Ghosh Full Chapters
62 pages
Page 007
No ratings yet
Page 007
1 page
Dbms Unit 1 Bca 1 Notes For Dbms
No ratings yet
Dbms Unit 1 Bca 1 Notes For Dbms
32 pages
Multimedia & Animation-CCS352 - CAT-1 Questions With Answer Keys
100% (3)
Multimedia & Animation-CCS352 - CAT-1 Questions With Answer Keys
12 pages
1 - Machine Learning
No ratings yet
1 - Machine Learning
26 pages
Ankur Dhawan's Resume-Hackerresume
No ratings yet
Ankur Dhawan's Resume-Hackerresume
1 page
Database Languages
No ratings yet
Database Languages
3 pages
Youtube Transcript Summarizer Using Flask
No ratings yet
Youtube Transcript Summarizer Using Flask
9 pages
Types of Analytics
100% (1)
Types of Analytics
9 pages
SCIENCE Task1
No ratings yet
SCIENCE Task1
2 pages
Real Time Gender Classification and Age Estimation
No ratings yet
Real Time Gender Classification and Age Estimation
3 pages
Infs 111 Session 1 Ugde - 1
No ratings yet
Infs 111 Session 1 Ugde - 1
36 pages
Big Data Management and Analytics Brij B Gupta & Mamtainstant download
100% (1)
Big Data Management and Analytics Brij B Gupta & Mamtainstant download
58 pages
LIBRARY AUTOMATION
No ratings yet
LIBRARY AUTOMATION
7 pages
Optical Character Recognition: Presented By: - Vikas Shukla - Raj Singh
No ratings yet
Optical Character Recognition: Presented By: - Vikas Shukla - Raj Singh
11 pages
Science
No ratings yet
Science
13 pages
The Challenges of Project Management in Small and PDF
No ratings yet
The Challenges of Project Management in Small and PDF
23 pages
Cse2002 Data-structures-And-Algorithms LTP 2.0 2 Cse2002 Data-structures-And-Algorithms LTP 2.0 1 Cse2002-Data Structures and Algorithms
No ratings yet
Cse2002 Data-structures-And-Algorithms LTP 2.0 2 Cse2002 Data-structures-And-Algorithms LTP 2.0 1 Cse2002-Data Structures and Algorithms
3 pages
Expert Systems in Library and Information Science
No ratings yet
Expert Systems in Library and Information Science
9 pages
Guía de la IA para el Abogado
No ratings yet
Guía de la IA para el Abogado
58 pages
Data Analytics Trend Report Guide PDF
No ratings yet
Data Analytics Trend Report Guide PDF
12 pages
CV Data Scientist Machine Learning Deep Learning
No ratings yet
CV Data Scientist Machine Learning Deep Learning
3 pages
All-In-One Emotion, Sentiment and Intensity Prediction Using A Multi-Task Ensemble Framework-Ppt-1
No ratings yet
All-In-One Emotion, Sentiment and Intensity Prediction Using A Multi-Task Ensemble Framework-Ppt-1
29 pages