Join Malcolm Shore for an in-depth discussion in this video Database enumeration with sqlmap, part of Ethical Hacking: Enumeration.
- [Instructor] Let's take a look…at how we approach the enumeration of a database…using SQL Map.…To do this, we'll target the Metasploitable server.…The first thing we'll do is to set Burp Suite up…as the proxy for our web traffic.…I've started Burp Suite…and we can see it's ready to proxy Metasploitable.…I've already set FireFox up…to work through the Burp Suite proxy,…so let's start by selecting the Mutillidae page.…
This provides a set of vulnerabilities…that we can use to learn how to do exploitation.…For the purpose of running SQL Map,…let's select the first of the OWASP Top 10.…A1 Injection,…and we'll select SQL Map Practice Target,…View Someone's Blog.…The webpage will redirect it to a login page.…I'll select Admin and press View Log Entries.…
Let's see what we've got in Burp Suite.…If I look at the messages,…I can see a number of GET and one POST messages.…Let's look at the POST message.…There's three important things here.…The first is the URL on the top line…and the second is the cookie line,…showing the PHP session ID.…
An overview of the CEH exam, blueprint, and eligibility criteria can be found at https://www.eccouncil.org/programs/certified-ethical-hacker-ceh/.
- What is enumeration?
- Understanding NetBIOS, SMB, SAMBA, and RPC
- Profiling hosts
- Investigating interfaces
- Enumerating SMB
- Enumerating SNMP and RPC
- Enumerating the Internet
- Working with other enumeration tools
Skill Level Intermediate
1. Basics of Enumeration
2. Local Host Enumeration
3. Remote Hosts
4. Enumerating Web Apps
5. Enumerating the Internet
6. Other Enumeration Tools
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.