SQL map tool is very handy tool to identify SQL injection and provide access to the database with ease. For beginners it is very good tool to start. There is no any dependency to learn about SQL Map. It is pre installed in Kali Linux, you can directly use it after installing Kali Linux onto your system(We already explained the way to how install Kali Linux on your system).
SQL map is opensource tool you can directly download it from its official site(Download SQL Map). It is alreday having a very prowerful engine to detect SQL injection with reqular updates by its team. Provides support on all the main databases(ex: SQL Server,MY SQL,Access,DB2 etc).
Now we are going to explain some basics commands how to use this tool.
It provides all the list of basic commands supported by SQL map.
sqlmap -u <URL for which information needed>
(example – sqlmap – u http://www.abctest.com/product.php?id=1)
Some times server response is very slow and the request gets timeout. To overcome this issues we can add the process by adding this command –time-sec
(example – sqlmap – u http://www.abctest.com/product.php?id=1 –time-sec 10)
sqlmap -u http://www.abctest.com/product.php?id=1 –forms –dbms=MySQL –risk=3 –level=3 –dbs
We are attaching a document with useful commands which will help to beginners alot.
Thanks for your patience 🙂 to read this article. We hope it increases your knowledge about SQL map.