Learn how to use this SQL tool to enumerate databases on a server, and then extract content from them.
- [Instructor] Let's take a look at how we approach…the enumeration of a database using SQLmap.…To do this we'll target the Europa server…in the LinkedIn Learning Lab.…This is a named server which we access…as admin-portal.europacorp.htb.…At the webpage, we're redirected to a login page.…I've got Burp Suite set up as the proxy,…and note that given that this is a named server,…I've used the server name for the scope.…
Let's try to log in and see what Burp Suite records.…We can see the login page GET requests in our login POST.…When we look at the POST requests,…we can see the credentials are included…at the bottom of the message.…Let's go back and see what we can do with SQLmap.…The first thing we'll try is to get SQLmap…to figure out the attack from the login form.…
We can do this by using the --form command on the call.…SQLmap searches for a form and finds a parameter string…which includes the parameters email, password, and remember.…We'll accept the form, and we'll take the default post data,…and we'll fill in blanks with random values.…
- Using Masscan for rapid full-service scanning
- Passive scanning with Shodan
- Using Nmap scripts
- Scanning with Reconnoitre and Vanquish
- Diagnosing uncommon ports
- Enumerating Drupal, WordPress, and Joomla sites
- Enumerating in the Linux shell
- Using the JAWS PowerShell script
Skill Level Advanced
Ethical Hacking: Penetration Testingwith Lisa Bock1h 29m Intermediate
Penetration Testing Essential Trainingwith Malcolm Shore2h 29m Intermediate
Penetration Testing: Advanced Kali Linuxwith Malcolm Shore2h 22m Intermediate
1. Identifying Services
2. Enumerating Services
3. Enumerating Web Servers
4. Further Enumeration
Enumerating inside Windows4m 41s
What's next1m 39s
- Mark as unwatched
- Mark all as unwatched
Are you sure you want to mark all the videos in this course as unwatched?
This will not affect your course history, your reports, or your certificates of completion for this course.Cancel
Take notes with your new membership!
Type in the entry box, then click Enter to save your note.
1:30Press on any video thumbnail to jump immediately to the timecode shown.
Notes are saved with you account but can also be exported as plain text, MS Word, PDF, Google Doc, or Evernote.