It is hard to keep ourselves safe while we are on the Internet. And if you own a website, you must give most of your time to its security.
Well, we are not going to talk about security; we are going to talk about breaking into security. The first step of hacking is gathering as much information as possible; the second is analyzing it to find holes in security. It's hard to find a good script that can give us what we want, but SQLMap can help us with it. SQLMap is an open-source project written in Python that automates the process of SQL injection.
What is SQL injection?
SQL injection is a method to bypass website security and get access to its database. Malicious input is submitted to the website and ends up being executed as part of its SQL statements. It usually occurs when a user is asked to input something on a webpage.
Let’s try it on Termux and see what happens.
Configuring SQLMap on Termux
SQLMap comes preinstalled in Kali Linux, but in the case of Termux we have to download it from GitHub. We could install it directly from the Termux repos, but that gives many annoying errors.
So, open up the Termux application and download SQLMap. Now navigate to the downloaded directory and then to the SQLMap folder. Follow the instructions given below.
git clone https://github.com/sqlmapproject/sqlmap.git
cd sqlmap
ls
Navigate to the ‘sqlmap’ folder and look for the script named “sqlmap.py”. This is the script we need to launch the tool.
Finding SQL vulnerable Targets
You can either scan a website, gather as much information as possible, analyze it, and find the loophole, or, if you are only practicing, you can just choose a random target.
Option 1: To practice legally, you can visit http://hack.me, create a sandbox, and use it to apply SQL injection. To do that, follow these steps.
#1. On the Hackme dashboard, click on ‘Start a Hackme’ and then search for the term ‘sql’ in the search bar.
#2. It will show you some SQL-vulnerable projects uploaded willingly by developers. Choose one and click on ‘Start’.
#3. After you click on ‘Start’, it will create a sandbox for you; in other words, it will give you a vulnerable site to practice on.
Option 2: You can use Google dorks to find vulnerable sites, but obviously you can’t just pick one and test it, as it is not legal to do so without the owner’s permission. But it’s on you.
Here are some dorks you can use to find SQL vulnerable sites.
article.php?id=
add-to-cart.php?id=
archive.php?id=
phpx?PageID
book_list.php?bookid=
Make sure you don’t get caught
This is the most important step and we don’t need to explain to you why this step is important. To hide/anonymize yourself you can use the TOR service with SQLMap. Just install the TOR service using the command:
apt install tor
You just need to add ‘--tor’ to the command you run to use the TOR service.
Understanding SQLMap Options
We are describing a few options that are mostly used in the attack. To see the options you can use in SQL injection, just run this command: python sqlmap.py -h
#1. python sqlmap.py -u URL --all = Includes all options
#2. python sqlmap.py -u URL --tables = To find tables
#3. python sqlmap.py -u URL --columns = To find columns
#4. python sqlmap.py -u URL --dump = To dump database