Use SQLMap To Exploit A SQL Injection Vulnerability

Level: Proficient

Context

SQLMAP is open-source software used to detect and exploit database vulnerabilities, and it provides options for injecting malicious code into them. It is a penetration testing tool that automates the process of detecting and exploiting SQL injection flaws, and its user interface runs in the terminal.

Beginners are encouraged to learn how to use SQLMAP because it automates the exploitation of SQL injection vulnerabilities. At times, these vulnerabilities can be complex to exploit manually.

Some of SQLMAP’s features worth noting:
– Support to download and upload any file from the database server's underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server
– Support to execute arbitrary commands and retrieve their standard output
– Support to establish an out-of-band stateful TCP connection between the attacker machine and the database server's underlying operating system
– Database in-memory execution of Metasploit's shellcode via sqlmap's own user-defined function sys_bineval(). Supported on MySQL and PostgreSQL.
– Support to dump database tables entirely, a range of entries or specific columns as per user’s choice. The user can also choose to dump only a range of characters from each column’s entry.

One disadvantage of using SQLMAP is that it can be noisy. That makes it easier for defenders to detect and block it. Hence, it may not work against targets that have web application firewalls or other controls to defend against automated attacks.
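
A defender's view of the noise described above, as an added example that is not part of the original course page: a short Python script that flags sources in a web access log by sqlmap's default User-Agent and by repeated injection-probe patterns in the query string. The log lines, addresses, version string, threshold and pattern list are constructed assumptions; the User-Agent check only catches default configurations, so the per-source probe count is the more durable signal.

```python
import re
from collections import defaultdict
from urllib.parse import unquote_plus

# Constructed sample lines in combined log format (documentation IP ranges).
SAMPLE_LOG = r'''
203.0.113.7 - - [10/Mar/2024:10:00:01 +0000] "GET /item.php?id=1 HTTP/1.1" 200 512 "-" "sqlmap/1.7.2#stable (https://sqlmap.org)"
198.51.100.9 - - [10/Mar/2024:10:00:02 +0000] "GET /item.php?id=1%20AND%201%3D1 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2024:10:00:02 +0000] "GET /item.php?id=1%20UNION%20ALL%20SELECT%20NULL%2CNULL--%20- HTTP/1.1" 200 498 "-" "Mozilla/5.0"
198.51.100.9 - - [10/Mar/2024:10:00:03 +0000] "GET /item.php?id=1%20AND%20SLEEP%285%29 HTTP/1.1" 200 512 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Mar/2024:10:00:05 +0000] "GET /search.php?q=union+station+select+seats HTTP/1.1" 200 900 "-" "Mozilla/5.0"
192.0.2.44 - - [10/Mar/2024:10:00:09 +0000] "GET /item.php?id=7 HTTP/1.1" 200 530 "-" "Mozilla/5.0"
'''

# ip, request target and User-Agent from one combined-format line
LINE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "\S+ (\S+) [^"]*" \d+ \S+ "[^"]*" "([^"]*)"$')
TOOL_UA = re.compile(r"^sqlmap/", re.I)  # sqlmap's default User-Agent prefix
# Illustrative probe patterns (an assumption, not an exhaustive rule set)
PROBES = [re.compile(p, re.I) for p in (
    r"\bunion\s+(all\s+)?select\b",          # UNION-based extraction
    r"\b(sleep|benchmark|pg_sleep)\s*\(",    # time-based blind probes
    r"\b(and|or)\s+\d+\s*=\s*\d+",           # boolean-based blind probes
    r"information_schema",                   # schema enumeration
)]

def scan(log_text, min_hits=3):
    """Return {source_ip: [reasons]} for sources that look like automated SQLi testing."""
    hits = defaultdict(int)
    findings = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # blank or unparseable line
        ip, target, agent = m.groups()
        if TOOL_UA.search(agent):
            findings[ip].add("default sqlmap User-Agent")
        # Decode the query string first so encoded payloads are matched too
        query = unquote_plus(target.partition("?")[2])
        if any(p.search(query) for p in PROBES):
            hits[ip] += 1
    for ip, n in hits.items():
        if n >= min_hits:  # a burst of probes, not one odd request
            findings[ip].add(f"{n} requests with SQL injection probe patterns")
    return {ip: sorted(reasons) for ip, reasons in findings.items()}

if __name__ == "__main__":
    for ip, reasons in scan(SAMPLE_LOG).items():
        print(ip, "->", "; ".join(reasons))
```
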

Learning Outcome

Using SQLMAP will teach you what’s possible to accomplish with SQL injection vulnerabilities.
Mastering the tool will help you as a penetration tester.
Knowing the internals of how each technique works will help you master web application exploitation.

Instructions

– Create a web application vulnerable to SQL injection
– Use SQLMAP to dump all the database tables
– Download and upload files from and to the server
– Execute arbitrary commands on the server
– Obtain a Meterpreter reverse-shell on the server

Assignment submission instructions:

Click the button below to record your screen and proceed with the exercise.

Please make sure your video is less than 3 min long.

Submit the video in the window below.
