Hey Folks, we have again come up with another topic which is related to sqlmap tool. In this tool tutorial we will cover the “wizard” feature of the sqlmap tool which will help speed up our work. Usually we first dump the database, then their tables, columns and so on and thus it takes a lot of time to dump the complete database of the web application, So for not doing the whole process we will just add a keyword “wizard” which will automatically dump the entire database in the web application.
Lets try it 🙂 !!
We’ll use the DVWA vulnerable web application to demonstrate this feature of the sqlmap tool. But if you have not configured this web application then you can configure it by going here. When we enter a numeric string after it enters the SQL injection section, we get information about users on the web application, which seems like that the web application is vulnerable to the vulnerability of SQL injection.
Now at this time we will need the cookies of current users to use this tool feature. Let’s open the brupsuite tool, intercept the request and copy the highlighted text as shown in the image below.
You just need to execute the following command by changing the value of the cookie according to you. After activate the wizard feature of this tool you get level, risk and enumerate options in which we’ll select option first in both choices.
Usage 🙂 !! sqlmap -u “< URL >” –cookie < cookies > –wizard
sqlmap -u "http://192.168.1.13/DVWA/vulnerabilities/sqli/?id=2&Submit=Submit#" --cookie=">After choosing the difficulty and risk level normal, we only obtain information related to the database present in the web application.
Now we will move the level of risk from normal to medium and as well as from basic to intermediate of enumeration, which means we will select the second option of the both choice.
Usage 🙂 !! sqlmap -u "< URL >" --cookie < cookies > --wizard
sqlmap -u "http://192.168.1.13/DVWA/vulnerabilities/sqli/?id=2&Submit=Submit#" --cookie=">After increase the levels of risk and enumeration then we get a lot more information than before.
As you can see it dumped the database name, their tables, columns and user details.
Again we will move the level of risk from medium to high and as well as from intermediate to all of enumeration, which means we will select the third option of the both choice.
Usage 🙂 !! sqlmap -u "< URL >" --cookie < cookies > --wizard
sqlmap -u "http://192.168.1.13/DVWA/vulnerabilities/sqli/?id=2&Submit=Submit#" --cookie=">Amazing 🙂 !! Now it has dumped the users' password in clear text.
We had selected the "all" option during the choice, which is why it dumped all important information from the web server.
Done 🙂 !! Similarly, you can easily get data from any web application database by entering some numeric digit.
A keen learner and passionate IT student. He has done Web designing, CCNA, RedHat, Ethical hacking, Network & web penetration testing. Currently, he is completing his graduation and learning about Red teaming, CTF challenges & Blue teaming.
The gau (Get All URLs) tool is a versatile open-source utility that collects URLs from…
Jsluice++ is a Burp Suite extension designed for passive and active scanning of JavaScript traffic…
Hey Folks :) !! In this tutorial, we will describe some of the techniques commonly…
Hey Folks :) !! In this article, we present the "Termux Cheat Sheet for Hackers"…
Amid the rapid advancement of technology, the significance of human involvement in cybersecurity frequently goes…
Hey Folks, we are back today after such a long break, but don't worry we…
This website uses cookies.
View Comments
Very nicе post. I simply stumbled upon your ƅlog and wished to mention that Ӏ have really enjoyed browsing your weblog
posts. Іn any case I will be subscribіng in уour rss
feed and I am hoping yoᥙ write once more very soon!
Thanks for your valubale feedback :) !!