Thursday, September 15, 2011

HOWTO : Offical SQLMap video demonstration 6

*** Do NOT attack any computer or network without authorization or you may put into jail. ***

Credit to : Bernardo

This is Bernardo's work but not mine. I re-post here for educational purpose only. It is because I enjoy his videos very much and I am afraid of losing them.

Original link is here.



Demonstration of sqlmap file system read access features: sqlmap is launched against an ASP test page hosted on a Microsoft Windows 2003 server with back-end database management system being Microsoft SQL Server 2005.

The tool is instructed to identify possible SQL injections and exploit them by retrieving a file from the database server file system. The file is stored locally on the user's machine and can be either a text or a binary file.

The technique used to dump this data from the back-end database software is the default, boolean-based blind SQL injection.

Command

python sqlmap.py -u http://172.16.213.131/mssql/iis/get_int.asp?id=1 --read-file "C:\example.txt" -v 2

That's all! See you.