SQLMAP ๊ฐ์ง ๋ฐ SQL ์ฃผ์ ์ทจ์ฝ์ ์ ์ด์ฉํ์ฌ ๋ฐ์ดํฐ๋ฒ ์ด์ค ์๋ฒ์ ์ธ๊ณ ๊ณผ์ ์ ์๋ํํ๋ ์คํ ์์ค ์นจ์ ํ ์คํธ ๋๊ตฌ์ ๋๋ค. ,์ด๊ฒ์ ๋ฐ์ดํฐ๋ฒ ์ด์ค์์ ๊ธฐ๋ณธ ํ์ผ ์์คํ ์ ์ก์ธ์คํ๊ณ ๋ฐ์ ํตํด ์ด์ ์ฒด์ ์์ ๋ช ๋ น์ ์คํํ๋ ํ์น ๋ฐ์ดํฐ์ ๊ถ๊ทน์ ์ธ ์นจ์ ํ ์คํฐ ๋ฐ ๋ฐ์ดํฐ๋ฒ ์ด์ค ์ง๋ฌธ์์ ์ง์ ์ค์์น์ ๋์ ,๋ฒ์์ ๋ํ ๋ง์ ํ์ ๊ธฐ๋ฅ,โโ ๊ฐ๋ ฅํ ๊ฒ์ ์์ง์ด ํฌํจ๋์ด ์์ต๋๋ค .
root@kali:~# sqlmap = automatic SQL injection tool
๋์๋ง
root@kali:~# sqlmap -h
Usage: python sqlmap [options]
Options:
-h, --help Show basic help message and exit
-hh Show advanced help message and exit
--version Show program's version number and exit
-v VERBOSE Verbosity level: 0-6 (default 1)
Target:
At least one of these options has to be provided to define the
target(s)
-u URL, --url=URL Target URL (e.g. "http://www.site.com/vuln.php?id=1")
-g GOOGLEDORK Process Google dork results as target URLs
Request:
These options can be used to specify how to connect to the target URL
--data=DATA Data string to be sent through POST
--cookie=COOKIE HTTP Cookie header value
--random-agent Use randomly selected HTTP User-Agent header value
--proxy=PROXY Use a proxy to connect to the target URL
--tor Use Tor anonymity network
--check-tor Check to see if Tor is used properly
Injection:
These options can be used to specify which parameters to test for,
provide custom injection payloads and optional tampering scripts
-p TESTPARAMETER Testable parameter(s)
--dbms=DBMS Force back-end DBMS to this value
Detection:
These options can be used to customize the detection phase
--level=LEVEL Level of tests to perform (1-5, default 1)
--risk=RISK Risk of tests to perform (0-3, default 1)
Techniques:
These options can be used to tweak testing of specific SQL injection
techniques
--technique=TECH SQL injection techniques to use (default "BEUSTQ")
Enumeration:
These options can be used to enumerate the back-end database
management system information, structure and data contained in the
tables. Moreover you can run your own SQL statements
-a, --all Retrieve everything
-b, --banner Retrieve DBMS banner
--current-user Retrieve DBMS current user
--current-db Retrieve DBMS current database
--passwords Enumerate DBMS users password hashes
--tables Enumerate DBMS database tables
--columns Enumerate DBMS database table columns
--schema Enumerate DBMS schema
--dump Dump DBMS database table entries
--dump-all Dump all DBMS databases tables entries
-D DB DBMS database to enumerate
-T TBL DBMS database table(s) to enumerate
-C COL DBMS database table column(s) to enumerate
Operating system access:
These options can be used to access the back-end database management
system underlying operating system
--os-shell Prompt for an interactive operating system shell
--os-pwn Prompt for an OOB shell, Meterpreter or VNC
General:
These options can be used to set some general working parameters
--batch Never ask for user input, use the default behaviour
--flush-session Flush session files for current target
Miscellaneous:
--wizard Simple wizard interface for beginner users
sqlmap usage example
root@kali:~# sqlmap -u "http://192.168.1.250/?p=1&forumaction=search" --dbs
sqlmap/1.0-dev - automatic SQL injection and database takeover tool
http://sqlmap.org
'Metasploit > Kali & Backtrack' ์นดํ ๊ณ ๋ฆฌ์ ๋ค๋ฅธ ๊ธ
| netool ์ค์น๋ฐฉ๋ฒ(how to install netool) (0) | 2016.12.16 |
|---|---|
| kali linux 2.0 apt-get (0) | 2015.12.10 |
| Reading package lists Error (0) | 2015.11.16 |
| SSLsplit (0) | 2015.09.07 |
| how to hack wifi using backtrack (0) | 2015.09.03 |
๋๊ธ