How to Install SQLMap On Ubuntu 20.04 LTS

Tutorial-Install-and-Use-SQLMap-on-Ubuntu-20.04

SQL injection attack is one of the attacks in the web world that injects SQL codes in the URL and executes the desired commands. One of the most famous SQL injection attacks is SQLMap. We are going to introduce SQLMap in this article and then you will learn How to Install and Use SQLMap on Ubuntu 20.04 LTS. You can check out and linux vps server packages, that is provided on Eldernode website.

Table of Contents

How to run SQLMap on Ubuntu 20

Recommended Article: Tutorial Install Visual Studio Code on Ubuntu 21.04 & 20.04

What is SQLMap?

SQLMap is an open source penetration testing tool that automates the process of identifying and exploiting SQL injection flaws and taking over database servers. This device has many special features such as having a powerful detection engine, database fingerprinting, fetching data from the database, accessing the underlying file system and executing commands on the operating system through out of band connections.

In the continuation of this article from the Ubuntu training series, we intend to teach you How to Install and Use SQLMap on Ubuntu 20.04.

Install SQLMap on Ubuntu 20.04

Before starting the installation, update package repositories with the following command:

sudo apt-get update

Then install SQLMap by running the command below:

sudo apt-get install sqlmap

Finally check the system logs to make sure there are no related errors.

How to Use SQLMap on Ubuntu 20

The following commands show basic help message:

sqlmap -h

sqlmap --help

The following command shows advanced help message:

sqlmap -hh

The command below shows the program ‘s version number:

sqlmap --version

Run the following commands to define the target:

sqlmap -u URL

Use the following commands to specify how to connect to the target URL:

sqlmap --data

sqlmap --cookie

sqlmap --random-agent

sqlmap --proxy

sqlmap --tor

sqlmap --check-tor

Run the following commands to specify which parameters to test for, provide custom injection payloads and optional tampering scripts:

sqlmap -p

sqlmap --dbms

Use the commands below to customize the detection phase:

sqlmap --level

sqlmap --risk

Run the following command to tweak testing of specific SQL injection techniques:

sqlmap --technique

You can enumerate the back-end database management system information, structure and data contained in the tables using the commands below:

sqlmap --all

sqlmap --banner

sqlmap --current-user

sqlmap --current-db

sqlmap --passwords

sqlmap --tables

sqlmap --columns

sqlmap --schema

sqlmap --dump

sqlmap --dump-all

sqlmap -D DB

sqlmap -T TBL

sqlmap -C COL

Run the following commands to access the back-end database management system underlying operating system:

sqlmap --os-shell

sqlmap --os-pwn

Set general working parameters using the commands below:

sqlmap --batch

sqlmap --flush-session

Recommended Article: How to Setup and Configure UrBackup on Ubuntu 20.10

Conclusion

In this article, we introduced one of the most famous SQL injection attacks. SQLMap is an open source penetration testing tool. In this way, you learned How to Install and Use SQLMap on Ubuntu 20.04.

TAGS: