Skip to content

Navigation Menu

Sign in
Appearance settings

Search code, repositories, users, issues, pull requests...

Provide feedback

We read every piece of feedback, and take your input very seriously.

Saved searches

Use saved searches to filter your results more quickly
Appearance settings

Screenshots

Jump to bottom
Miroslav Stampar edited this page Jun 5, 2024 · 18 revisions

Screenshots

Verbose output (option -v set to 3):

Verbose output set to 3

Concatenation of three tamper scripts to obfuscate the injected SQL payloads (option --tamper set to between,randomcase,space2comment):

Tamper scripts in action

Cracking dumped databased users' password hashes (switch --passwords):

Users' password hashes cracking

Enumerating database table's columns (switch --columns):

Database table's columns dump

Mnemonics (option -z set to "flu,bat,tec=B"):

Mnemonics usage

Conducting through tests only if positive heuristic(s) (switch --smart):

Smart mode

DNS exfiltration technique (option --dns-domain):

DNS exfiltration technique

HTTP parameter pollution (switch --hpp):

HTTP parameter pollution

Replicating table to a local SQLite3 database (option --dump-format set to SQLITE):

Replicated table

Dumping table to HTML format (option --dump-format set to HTML):

Dumped table to HTML

OS pwn mode (Meterpreter) (switch --os-pwn):

OS pwn mode

OS shell mode (switch --os-shell):

SQL shell mode

SQL shell mode (switch --sql-shell):

SQL shell mode

Wizard mode (switch --wizard):

Wizard mode

Contents

User's manual


Miscellaneous

  • FAQ - Frequently Asked Questions
  • Presentations - Materials from sqlmap team presented at conferences
  • Screenshots - Collection of screenshots demonstrating some of features
  • Third party libraries - Detailed information about third-party libraries and tools used by sqlmap
Clone this wiki locally
Morty Proxy This is a proxified and sanitized view of the page, visit original site.