Sqlmap is the most popular tool for automated exploitation of sql injection vulnerability and database takeover. Its written in python is cross platform.
If you are using Backtrack then sqlmap comes pre packaged in it. In this post I am going to show you the simple process to setup and run sqlmap on windows.
1. Download and install Python
Since sqlmap is written in python, the first thing you need is the python interpreter. Download the python interpreter from https://www.python.org/.
Windows installers can be found here:
There are two series of python, 2.7.x and 3.3.x. Sqlmap should run fine with either.
So download and install it.
2. Download and install Sqlmap
Next download the sqlmap zip file from sqlmap.org.
Extract the zip files in any directory.
Launch the dos prompt and navigate to the directory of sqlmap. Now run the sqlmap.py script with the python interpreter.
C:\sqlmapproject-sqlmap-2defc30>python ./sqlmap.py Usage: ./sqlmap.py [options] sqlmap.py: error: missing a mandatory option (-d, -u, -l, -m, -r, -g, -c, --wiza rd, --update, --purge-output or --dependencies), use -h for basic or -hh for adv anced help Press Enter to continue...
That was easy! Sqlmap is asking for some parameters so that it can hack something.
Now that you have finished installing sqlmap and are ready to run it, you might want to read some tutorial on how to use sqlmap. Check out the following post:https://www.binarytides.com/sqlmap-hacking-tutorial/
The source code of Sqlmap is hosted on github. Check it out here: