Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Book Image

KALI LINUX NETWORK SCANNING COOKBOOK

Overview of this book

Table of Contents (16 chapters)
Kali Linux Network Scanning Cookbook
Credits
About the Author
About the Reviewers
www.PacktPub.com
Disclaimer
Preface
Index

POST method SQL injection with sqlmap


Sqlmap is an integrated command-line tool in Kali Linux that drastically reduces the amount of effort required to manually exploit SQL injection vulnerabilities by automating the entire process. In this recipe, we will discuss how to use sqlmap to automate the testing of HTTP POST method request parameters.

Getting ready

To use sqlmap to perform SQL injection against a target, you will need to have a remote system that is running one or more web applications that are vulnerable to SQL injection. In the examples provided, an instance of Metasploitable2 is used to perform this task. Metasploitable2 has several preinstalled vulnerable web applications running on TCP port 80. For more information on setting up Metasploitable2, refer to the Installing Metasploitable2 recipe in Chapter 1, Getting Started, of this book.

How to do it…

To perform an SQL injection attack on a service using the HTTP POST method, we will need to define the string of POST parameters...