If you don't read Sqlmap - Sqlinjection part 1 click here.
Now we see an advanced options for sqlmap.
With -o we turn on all optimization switches
With --random-agent we can use a randomly selected http user-agent
With --ignore-proxy we ignore a default proxy of http (use --ignore-proxy only when sqlmap return some error)
With --level=level we change the level of test (default level=1, 1-5)
With --risk=risk we change risk of test (default risk=1, 0-3)
With --technique=technique we change technique of injection (default "beust")
We can find a current user of db using : --current-user
If we add --password we can dump hashes password : --current-user --password
With --dump-all we can dump all database
We can open a shell with --os-shell , or if we want use metasploit we can use :
--msf-path=/path/of/msf
We can use tor to proxy sqlmap with : --tor
If you have any problem or if you need some explanations just write under this post!
No comments:
Post a Comment