Installing SqlMap in Ubuntu / any Linux distro for SQL Injection

SQLMAP is a automated SQL injection tool which does most of the work for you. If you don’t know what SQL injection is head over here:

Using SQLMAP, you can “hack” many databases in very short time. In the next post, i will show you how to dump database tables and credentials from a vulnerable database and explore.

Even if the passwords are stored using hashing functions ( ), you can crack these hashes using online tools.

Here is the complete video guide for installation:

How to install SQLMAP in Ubuntu / any Linux distribution:

Step 1: Go to official site here and under Download, click download zip ball.
Step 2: Now extract this zip and name it as sqlmap.
Step 3: Now move this folder to someother folder or you can skip to next step. But to prevent accidental deletion, move this folder to /opt folder.

sudo mv /home/kishorer747/Downloads/sqlmap/ /opt/

Now your sqlmap is located at /opt/sqlmap/

Step 4: Add to SYSTEM PATH so that you can use it from anywhere.

Using following command open /home/kishorer747/.bashrc file ( also same as ~/.bashrc ) and paste the two lines in the end.

gedit ~/.bashrc

Add these lines:

#sqlmap path
export SQLMAP_HOME=’/opt/sqlmap’

Step 5: Now that we have added SQLMAP home folder to system path, we can use it from any directory. In your terminal type see if it properly setup. -h

In later posts, I will show you how easily you can use this tool to exploit vulnerable databases.




Leave a Reply