Installing SqlMap in Ubuntu / any Linux distro for SQL Injection

SQLMAP is a automated SQL injection tool which does most of the work for you. If you don’t know what SQL injection is head over here: https://en.wikipedia.org/wiki/SQL_injection

Using SQLMAP, you can “hack” many databases in very short time. In the next post, i will show you how to dump database tables and credentials from a vulnerable database and explore.

Even if the passwords are stored using hashing functions ( https://en.wikipedia.org/wiki/Hash_function ), you can crack these hashes using online tools.

Here is the complete video guide for installation:

How to install SQLMAP in Ubuntu / any Linux distribution:

Step 1: Go to official site here http://sqlmap.org/ and under Download, click download zip ball.
Step 2: Now extract this zip and name it as sqlmap.
Step 3: Now move this folder to someother folder or you can skip to next step. But to prevent accidental deletion, move this folder to /opt folder.

sudo mv /home/kishorer747/Downloads/sqlmap/ /opt/

Now your sqlmap is located at /opt/sqlmap/

Step 4: Add sqlmap.py to SYSTEM PATH so that you can use it from anywhere.

Using following command open /home/kishorer747/.bashrc file ( also same as ~/.bashrc ) and paste the two lines in the end.

gedit ~/.bashrc

Add these lines:

#sqlmap path
export SQLMAP_HOME=’/opt/sqlmap’
export PATH=$PATH:$SQLMAP_HOME

Step 5: Now that we have added SQLMAP home folder to system path, we can use it from any directory. In your terminal type see if it properly setup.

sqlmap.py -h

In later posts, I will show you how easily you can use this tool to exploit vulnerable databases.

Cheers

Src: https://kishorer.in/2015/07/05/installing-sqlmap-in-ubuntu-any-linux-distro-for-sql-injection/

Share

Leave a Reply