Install sqlmap on Ubuntu 14.04

SQLMAP is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

sqlmap1-01

SQLMAP Features

  • Full support for MySQL, Oracle, PostgreSQL, Microsoft SQL Server, Microsoft Access, IBM DB2, SQLite, Firebird, Sybase and SAP MaxDB database management systems
  • Full support for six SQL injection techniques: boolean-based blind, time-based blind, error-based, UNION query, stacked queries and out-of-band
  • Support to directly connect to the database without passing via a SQL injection, by providing DBMS credentials, IP address, port and database name
  • Support to enumerate users, password hashes, privileges, roles, databases, tables and columns
  • Automatic recognition of password hash formats and support for cracking them using a dictionary-based attack
  • Support to download and upload any file from the database server underlying file system when the database software is MySQL, PostgreSQL or Microsoft SQL Server
  • and many more

[button link=”https://www.youtube.com/user/inquisb/videos” color=”primary”]SQLMAP Demo Videos[/button]

Install SQLMAP on Ubuntu 14.04 & Ubuntu 14.10

wget 'https://github.com/sqlmapproject/sqlmap/tarball/master' --output-document=sqlmapproject-sqlmap-0.9-3671-gdcaad75.tar.gz

tar -xvf sqlmapproject-sqlmap-0.9-3671-gdcaad75.tar.gz

cd sqlmapproject-sqlmap-gdcaad75/

python sqlmap.py --version
 
comments powered by Disqus