O'Reilly logo

Kali Linux Network Scanning Cookbook by Justin Hutchens

Stay ahead with the world's most comprehensive technology and business learning platform.

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, tutorials, and more.

Start Free Trial

No credit card required

GET method SQL injection with sqlmap

Web applications frequently accept arguments within a supplied URL. These parameters are generally transmitted back to the web server in the HTTP GET method requests. If any of these parameter values are then included in a query statement to a backend database, an SQL injection vulnerability could potentially exist. In this recipe, we will discuss how to use sqlmap to automate the testing of HTTP GET method request parameters.

Getting ready

To use sqlmap to perform SQL injection against a target, you will need to have a remote system that is running one or more web applications that are vulnerable to SQL injection. In the examples provided, an instance of Metasploitable2 is used to perform this task. Metasploitable2 ...

With Safari, you learn the way you learn best. Get unlimited access to videos, live online training, learning paths, books, interactive tutorials, and more.

Start Free Trial

No credit card required