Sql Injection On Steroids With Sqlmap
Posted By: SecurityTube_Bot
Posted On: Mon 21 Feb 2011
Views: 19773
Share this video:
Share it on Facebook Share it on Twitter Share it on Reddit Share it on Digg Share it on Stumbleupon
Support SecurityTube:


Description: Sqlmap is an open source command-line automatic SQL injection tool. Its goal is to detect and take advantage of SQL injection vulnerabilities in web applications. Once it detects one or more SQL injections on the target host, the user can choose among a variety of options to perform an extensive back-end database management system fingerprint, retrieve DBMS session user and database, enumerate users, password hashes, privileges, databases, dump entire or user's specified DBMS tables/columns, run his own SQL statement, read or write either text or binary files on the file system, execute arbitrary commands on the operating system, establish an out-of-band stateful connection between the attacker box and the database server via Metasploit payload stager, database stored procedure buffer overflow exploitation or SMB relay attack and more.

The videos below shows a demo of Sqlmap made by John Strand from Pauldotcom. You can download Sqlmap from here.


Tags: tools ,

Comments (2)

laughfo0l on Thu 05 May 2011

that's awesome! I love this tool :)

hacknix on Thu 26 Jan 2012

I need someone who is capable of hacking* websites & accessing their email database


I don't need scraping,web crawling or extractors


I need this sites HACKED so I gain access to their email DB


I will need to test the result u give me,if it checks out,I am willing to pay up to 3000$

per website and 10-20 websites monthly,which will increase upon delivery of faster & quality

service


Pls note,CONTINUITY is what I am after...I NEED A GOOD PARTNER I CAN WORK WITH FOR A VERY

LONG TIME!. I HAVE AT LEAST 500 WEBSITES ON MY LIST AND IM WILLING TO PAY 3000$ PER WEBSITE

PLEASE SEND ME A MAIL IF U CAN DO THIS ASAP ; omorye007 (at) yahoo (dot) com


Cheers

Login to post a comment