Dumping the data – in an error-based scenario
Let's go back to the previously discussed example, and now we shall exploit the vulnerability using the error-based technique of SQLMap to list the database user and list of databases as follows:
./sqlmap.py -u http://192.168.50.2/Less-1/?id=2 --current-user
The output is shown in the following screenshot:
Impressive! The current database user pointed out by SQLMap is root.
Now let us print the list of databases present using --dbs switch as follows:
./sqlmap.py -u http://192.168.50.2/Less-1/?id=2 --dbs
The output is shown in the following screenshot:
Once we have the list of databases available, it may be a good idea to dump one of them. For demonstration, I'll select security and dump out the tables present inside it. SQLMap provides the --tables switch to list the same, but it must be used in parallel with the -D switch, which tells it which database to choose, while dumping the tables as follows:
./sqlmap.py --technique=E -u http://192.168.50...
