Ethical Hacking and Penetration Testing Guide




Command
./sqlmap.py -h


Enumerating Databases
The first step is to enumerate all the databases present in the application. We will
use the following sqlmap command to do this:
./sqlmap.py -u "http://172.20.10.4/sqli/?support=yes" --dbs
Enumerating Tables
We have now found five databases. Three are defaults for MySQL (“information_schema”,
“mysql”, and “performance_schema”) and two were created by the user (“dvwa” and “test”). Let’s
try to extract all the tables present in the dvwa database. We will use the following command:
./sqlmap.py -u "http://172.20.10.4/sqli/?support=yes" -D dvwa --tables
The --tables option instructs sqlmap to extract all the tables from the dvwa database. We’ve
managed to find two tables in the dvwa database. Next, we will enumerate the columns in the
table that we are interested in.
Enumerating the Columns
We found two tables, guestbook and users. For obvious reasons, we are more interested in the 
content of the “users” table. We will supply the following command to extract the columns present 
in the “users” table.


Command
./sqlmap.py -u "http://172.20.10.4/sqli/?support=yes" -D dvwa -T users --columns
Extracting Data from the Columns
We found several columns in the “users” table. We will now ask sqlmap to display the data
stored in the “users” table. For this purpose, we will use the following command:
Command
./sqlmap.py -u "http://172.20.10.4/sqli/?support=yes" -D dvwa -T users --dump
The --dump option extracts the data from all the columns present in the “users” table.
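For the defensive view of the four steps above, the following added example (not from the book) flags each enumeration stage in a web access log by the MySQL metadata table that stage reads. The combined log format, the client IPs, and the sample lines are constructed assumptions.

```python
import re
from urllib.parse import unquote_plus

# Stage name -> pattern for what that sqlmap step reads on MySQL.
STAGES = {
    "databases": re.compile(r"information_schema\.schemata", re.I),  # --dbs
    "tables": re.compile(r"information_schema\.tables", re.I),       # --tables
    "columns": re.compile(r"information_schema\.columns", re.I),     # --columns
    # Assumption: the sensitive-table list is site-specific; dvwa.users is the page's target.
    "dump": re.compile(r"\bfrom\s+dvwa\.users\b", re.I),             # --dump
}
SQLMAP_UA = re.compile(r"\bsqlmap/", re.I)  # sqlmap's default User-Agent prefix
LOG_LINE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST) (?P<uri>\S+) [^"]*" '
    r'\d{3} \S+ "[^"]*" "(?P<ua>[^"]*)"'
)

def classify(line):
    """Return (client_ip, findings) for one combined-format access-log line."""
    m = LOG_LINE.match(line)
    if not m:
        return None, set()
    uri = unquote_plus(m.group("uri"))  # undo URL encoding before matching
    findings = {stage for stage, rx in STAGES.items() if rx.search(uri)}
    if SQLMAP_UA.search(m.group("ua")):  # client-controlled: supporting signal only
        findings.add("sqlmap-user-agent")
    return m.group("ip"), findings

def summarize(lines):
    """Merge findings per client IP; clients with no findings are omitted."""
    hits = {}
    for line in lines:
        ip, findings = classify(line)
        if findings:
            hits.setdefault(ip, set()).update(findings)
    return hits

# Constructed, abbreviated log lines ("[...]" stands for elided payload text).
_UA = '"sqlmap/1.x (https://sqlmap.org)"'
_REQ = '172.20.10.7 - - [07/Aug/2023:10:00:0{n} +0000] "GET /sqli/?support=yes%20[...]%20FROM%20{tbl} HTTP/1.1" 200 498 "-" {ua}'
SAMPLE_LOG = [
    '172.20.10.9 - - [07/Aug/2023:10:00:01 +0000] "GET /sqli/?support=yes HTTP/1.1" 200 512 "-" "Mozilla/5.0"',
    _REQ.format(n=2, tbl="INFORMATION_SCHEMA.SCHEMATA", ua=_UA),
    _REQ.format(n=3, tbl="INFORMATION_SCHEMA.TABLES", ua=_UA),
    _REQ.format(n=4, tbl="INFORMATION_SCHEMA.COLUMNS", ua=_UA),
    _REQ.format(n=5, tbl="dvwa.users", ua='"Mozilla/5.0"'),
]
if __name__ == "__main__":
    print(summarize(SAMPLE_LOG))
```

Only payloads carried in the request URI appear in an access log; parameters sent in a POST body need WAF or application-level logging to be visible to a check like this.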
