SQLMap Essentials Easy
The SQLMap Essentials module will teach you the basics of using SQLMap to discover various types of SQL Injection vulnerabilities, all the way to the advanced enumeration of databases to retrieve all data of interest.
Created by stamparm
Most web applications these days are connected to a database at the backend that stores various types of data the web page needs to display, from user information to front end content.
It is very common for such web applications to improperly implement calls to the database, making it possible for an attacker to manipulate the HTTP requests sent to the server to trick the database into showing more data than the developers intended. This type of attack is called a SQL Injection (SQLi).
SQLMap is an automated tool specializing in automating SQL injection discovery and exploitation, making it very trivial for pentesters to discover and exploit SQL injection vulnerabilities.
SQLMap Essentials module, you will learn the basics of using SQLMap to discover various types of SQL injection vulnerabilities, all the way to advanced database enumeration and retrieval of interesting data.
In this module, we will cover:
- Overview and installation of SQLMap
- Different types of SQL Injection attacks supported by SQLMap, and where to use each
- Understanding the various output of SQLMap, to properly guide your attacks
- Attacking specific parts of a web application with the use of HTTP requests
- Dealing with various types of errors that we may be faced with when using SQLMap
- Using various SQLMap options to tune attacks to our specific needs
- Enumerating full databases and extracting the content of their tables, columns, and rows
- Advanced database enumeration to find specific data
- Finding usernames and passwords within databases and using SQLMap to crack them
- Bypassing various types of protections that may be in place to protect the web application against SQLMap
- Using SQLMap to read and write files to the remote server
- Using SQLMap to execute commands on the remote server and taking complete control over it
This module is broken down into sections with accompanying hands-on exercises to practice each of the tactics and techniques we cover. The module ends with a practical hands-on skills assessment to gauge your understanding of the various topic areas.
As you work through the module, you will see example commands and command output for the various topics introduced. It is worth reproducing as many of these examples as possible to reinforce further the concepts introduced in each section. You can do this in the Pwnbox provided in the interactive sections or your own virtual machine.
You can start and stop the module at any time and pick up where you left off. There is no time limit or "grading," but you must complete all of the exercises and the skills assessment to receive the maximum number of cubes and have this module marked as complete in any paths you have chosen.
The module is classified as "Easy" but assumes a working knowledge of the Linux command line and an understanding of information security fundamentals.
A firm grasp of the following modules can be considered prerequisites for successful completion of this module:
- Networking Fundamentals
- Linux Fundamentals
- Web Requests
- SQLMap Overview
- Getting Started with SQLMap
- SQLMap Output Description
- Running SQLMap on an HTTP Request
- Handling SQLMap Errors
- Attack Tuning
- Database Enumeration
- Advanced Database Enumeration
- Bypassing Web Application Protections
- OS Exploitation
- Skills Assessment