Python – Finding and closing database vulnerabilities / SQLmap
How to use SQLmap in Python
Sqlmap is an easy-to-use Linux tool that provides excellent results with many features such as finding, closing, and attacking database vulnerabilities. This tool analyzes attacks on sites, such as SQL injection and XSS, to protect against such attacks? you’re not? he’il let you know. In this article I will give you information about finding and closing database vulnerabilities with sqlmap.
SQLmap is a tool developed by Python that allows security experts to find and close database vulnerabilities in attacks such as SQL injection. Sqlmap searches open in that site by making combination trials within the web site that you specify as the target with the parameters you specify.
So What Are The Advantages Of Sqlmap?
Finding vulnerabilities in the database with the parameters that you specify in the destination switch on and off and provide you dozens of results for you operates these stores.
Use SQLmap
Sqlmap is a tool that comes installed on Linux. It provides convenience in situations such as SQL injection and XSS attacks. For example, if your site does not have protection against these attacks, the database files will be pulled into a text file. Using sqlmap from the beginning is very simple. Let’s do a test on finding and closing database vulnerabilities.
Yes, I would say that you are lucky to be using Kali Linux. Because it sounds loaded in the car. If you are a Windows user, then you need to set up python 2.7 programming language. You can then download the tool to Windows by clicking on sqlmap. Then Python to the cmd command line to access the corresponding folder sqlmap.py you can run commands by typing.
Friends using Kali Linux can download easily by typing the following code in the root window:
1 git clone git://git.kali.org/packages/sqlmap.git
Yes, we’ve downloaded our sqlmap tool. Now it’s time to build this vehicle. Perform setup by typing the following command.
1 sudo apt install git
Yeah, we’re done with the setup. Now, I’m going to introduce you the parameters we will use on this tool. You can also view sqlmap parameters by clicking on the article in detail.
-u: this command may have been disabled for your channel, and in that case you need to use the access list. For example, this address may be a link to a site where you have a SQL problem.
–DBS: this command allows us to determine and pull databases.
–dump: this command displays the data in the columns on the screen.
–tables and-D: these two commands will determine the name of the database.
–columns: this command allows you to fetch columns that you specify in the database.
The use of this tool is only for finding and closing database gaps. You can now use the following commands to draw a database. Yes, we set the database with the following command. You are typing the site name where you want to test the site name.
1 sqlmap -u "http://siteadı.com/show_cat_page.php?id=3" --dbs
You can then start the pull operation by typing the table name in the database_name location in the following command.
1 sqlmap -u "http://ceburealproperty.com/show_cat_page.php?id=3" --tables -D database_name
Now you can grow old behind your back. Because sqlmap handles transactions for you. By default, these operations are performed with the Get operation. Yes, friends, finding and closing database vulnerabilities, sqlmap has come to the end of our article.