10-17-2013, 04:05 PM
This tutorial will teach you use sqlmap in kali, You can find tutorials like this in Internet mine little more detail and, some member wanted it so, I'm doing
First, Search google dork list find dork you want dosen't matter in this tutorial
Now i assume you picked the dork you want
Go website look for sql syntax error add url this ' " marks
Go website look for sql syntax error add url this ' " marks
![[Image: tksoA3h.png]](http://i.imgur.com/tksoA3h.png)
Now it says sql syntax error do you know why this is happens ?
its happen because when you write this to url, Php tries to run code that already writen but adds extra this from url but when you add this ' or " code looks like this; (very basic example) echo "tutorial"; " <<<< its add extra Quotation Marks it fucks up the code (basically)
its happen because when you write this to url, Php tries to run code that already writen but adds extra this from url but when you add this ' or " code looks like this; (very basic example) echo "tutorial"; " <<<< its add extra Quotation Marks it fucks up the code (basically)
![[Image: pOUkC5q.png]](http://i.imgur.com/pOUkC5q.png)
sqlmap -u (means url)
[To see links please register here]
?vurnablepart=35 --dbs (means database)![[Image: s5iYZtl.png]](http://i.imgur.com/s5iYZtl.png)
Yes Try Everything [Y]
![[Image: mrg7eGG.png]](http://i.imgur.com/mrg7eGG.png)
Sqlmap already finded vurnable dont search for more [Y]
![[Image: Bur3RyX.png]](http://i.imgur.com/Bur3RyX.png)
Finded 2 database and, We are deleting --dbs and writing -D then we select database sda1. Then write --tables
![[Image: nwvKGA8.png]](http://i.imgur.com/nwvKGA8.png)
Now you can see the tables, select table with named Users or Admins same step delete --tables, write -T and --columns
![[Image: GZ8oqsc.png]](http://i.imgur.com/GZ8oqsc.png)
Delete --columns write -C and --dump
![[Image: oD4K5Tc.png]](http://i.imgur.com/oD4K5Tc.png)
Done.