SQL shell
One of the cool features in SQLMap is the SQL shell. The SQL shell basically invokes the built-in SQL interactive interpreter and it is presented in such a way that it feels like interacting with a database SQL utility.
The interpreter is invoked by using --sql-shell. Let's check this out as follows:
./sqlmap.py -u "http://192.168.50.2/Less-1/?id=2" --sql-shell
The output is shown in the following screenshot:
That example makes data retrieval with an injection look so simple. However, there are some quirks with this. Since most SQL injection issues are typically based on SELECT queries, the SQL shell might not work with other types of statements like INSERT, UPDATE, and so on, unless a suitable type of injection, such as a stacked query, is available.
As I've already stated, I tried to execute an INSERT-based SQL statement but it didn't work as there was no stacked query injection available.
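Why the stacked query matters can be seen from the application side. The following is an added example, not code from the original text or from SQLMap: it uses Python's sqlite3 module with a constructed users table and hypothetical lookup functions to show that an injectable SELECT behind a single-statement API cannot be turned into an INSERT, that the same query behind a multi-statement API can, and that a bound parameter stops both.

```python
import sqlite3

def make_db():
    # Constructed sample data, not from the page.
    conn = sqlite3.connect(":memory:")
    conn.executescript(
        "CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT);"
        "INSERT INTO users VALUES (1, 'alice'), (2, 'bob');"
    )
    return conn

def row_count(conn):
    return conn.execute("SELECT COUNT(*) FROM users").fetchone()[0]

def lookup_single_statement(conn, user_id):
    """Injectable SELECT, but execute() accepts one statement per call."""
    query = "SELECT name FROM users WHERE id = " + user_id
    try:
        return [r[0] for r in conn.execute(query)]
    except (sqlite3.Warning, sqlite3.Error) as exc:
        # Raised before anything runs when the text holds a second statement.
        return "rejected: " + type(exc).__name__

def lookup_multi_statement(conn, user_id):
    """Injectable SELECT, and executescript() runs every statement."""
    conn.executescript("SELECT name FROM users WHERE id = " + user_id)

def lookup_parameterized(conn, user_id):
    """Hardened form: the value is bound as data, never parsed as SQL."""
    cur = conn.execute("SELECT name FROM users WHERE id = ?", (user_id,))
    return [r[0] for r in cur]

STACKED = "2; INSERT INTO users VALUES (99, 'added')"  # constructed input

def demo():
    out = {}
    conn = make_db()
    out["single_read"] = lookup_single_statement(conn, "2 OR 1=1")
    out["single_stacked"] = lookup_single_statement(conn, STACKED)
    out["rows_after_single"] = row_count(conn)   # still 2: no write happened
    lookup_multi_statement(conn, STACKED)
    out["rows_after_multi"] = row_count(conn)    # 3: the INSERT ran
    conn = make_db()
    out["param"] = lookup_parameterized(conn, STACKED)
    out["rows_after_param"] = row_count(conn)    # 2: input stayed data
    return out

if __name__ == "__main__":
    print(demo())
```

The single-statement case is the situation described above: the SELECT can be influenced, so reads work, but a second statement is refused and the table is unchanged.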