{
    "id": "97ec40b0-2fbf-4689-8f70-ec52b2d925e8",
    "name": "SQLMap Advanced Usage",
    "slug": "sqlmap-advanced-usage",
    "status": "published",
    "lab_type": "pta",
    "is_sample": false,
    "duration_in_seconds": 1800,
    "metadata": {
        "courses": [
            "657cf698-108b-45a3-993c-d8e238ebbfaf"
        ],
        "pta_sdn": "2269",
        "collections": [],
        "pta_manual_id": "a3f5-23db-9b34-c04d",
        "pta_namespace": "attackdefenselabs",
        "learning_paths": [],
        "has_published_parent": true
    },
    "session": null,
    "company": "a491bc32-c056-4946-9169-cc053387bada",
    "created": "2025-01-07T21:02:28.910697Z",
    "modified": "2025-01-07T21:38:35.586746Z",
    "is_beta": false,
    "lab_objectives": [],
    "main_learning_area": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
    "learning_areas": [
        {
            "id": "3e1aa06f-2e9f-4789-b50d-aa027ad8dcfa",
            "name": "Cyber Security",
            "slug": "cyber-security"
        }
    ],
    "categories": [],
    "tags": [],
    "difficulty": "professional",
    "is_web_access": false,
    "is_lab_experience": false,
    "is_featured": false,
    "cve": null,
    "severity": null,
    "year": null,
    "classification": null,
    "is_trackable": false,
    "cpe_credits": null,
    "is_skill_check": false,
    "external_url": "",
    "solution_video": null,
    "explanation_video": null,
    "description": "Welcome to the SQLMap Advanced Usage lab! This lab is designed to teach you how to utilize SQLMap to identify and exploit a SQL Injection vulnerability in a real-world web app.",
    "description_html": "<p>Welcome to the SQLMap Advanced Usage lab! This lab is designed to teach you how to utilize SQLMap to identify and exploit a SQL Injection vulnerability in a real-world web app.</p>",
    "tasks": "The objective of this lab is to demonstrate how SQL Injection vulnerabilities can be identified and exploited with SQLMap. Furthermore, this lab serves as a guide on how to use some of SQLMap's advanced functionality to fine-tune your attack(s).\n\n\nLab Tasks\n\n- Identify and verify the presence of a SQL Injection vulnerability on the target web app.\n- Identify the type of SQL Injection vulnerability affecting the target web app.\n- Exploit the SQL Injection vulnerability with SQLMap.\n- Enumerate information from the DBMS with SQLMap.",
    "tasks_html": "<p>The objective of this lab is to demonstrate how SQL Injection vulnerabilities can be identified and exploited with SQLMap. Furthermore, this lab serves as a guide on how to use some of SQLMap's advanced functionality to fine-tune your attack(s).</p>\n<p>Lab Tasks</p>\n<ul>\n<li>Identify and verify the presence of a SQL Injection vulnerability on the target web app.</li>\n<li>Identify the type of SQL Injection vulnerability affecting the target web app.</li>\n<li>Exploit the SQL Injection vulnerability with SQLMap.</li>\n<li>Enumerate information from the DBMS with SQLMap.</li>\n</ul>",
    "published_date": "2025-01-07T21:38:35.586607Z",
    "solutions": "## Introduction\n\nThe objective of this lab is to demonstrate how SQL Injection vulnerabilities can be identified and exploited with SQLMap. Furthermore, this lab serves as a guide on how to use some of SQLMap's advanced functionality to fine-tune your attack(s).\n\n## Lab Guidelines\nAfter starting the lab, you will be provided with a URL to the target web application. This lab does not provide you with access to a Kali Linux system; as a result, you will need to perform the attacks on your own Kali Linux system or your host operating system.\n\nIn order to complete the Session Fixation challenge, you will require the following tools:\n\n- Burp Suite/OWASP ZAP\n- SQLMap\n\n\n> This lab can take over 2 minutes to load after opening the URL\n> \n\n\n---\n\n## Task 1: Identify The SQL Injection Vulnerability\n\n**Step 1: Inspect the web application.**\n\n![image40](https://assets.ine.com/lab/learningpath/c0dcc8481b69f7023f3c79baa2eb01d54a1fb9d3d86a3fbdc5034fca97684816.png)\n\n**Step 2: Search Google for \u201cendonesia portal exploit\u201d.**\n\n![image23](https://assets.ine.com/lab/learningpath/31cfc1d7fb5537809ff49d2f6e50d97af8c444b03b2c43be192f7a3abcf94b95.png)\n\nThe exploit-db link contains the steps required to exploit the vulnerability.\n\n**Exploit DB Link**: [https://www.exploit-db.com/exploits/46559]\n\n![image28](https://assets.ine.com/lab/learningpath/e19ca4aac57033bf074afa45daa2a0f2b38cfa54f9db98eeeb587a677041da10.png)\n\n**Step 3: Click on the Banner image present on the top right of the web app and intercept the request with Burp Suite.**\n\n![image19](https://assets.ine.com/lab/learningpath/c1ab1f42817f714d67234245ad954a34821e09633935e921013b0a0eb92580c6.png)\n\n**Step 4: Right-click on the request and save it as \u201cportal\u201d.**\n\n![image41](https://assets.ine.com/lab/learningpath/b33c4d9aacfe30d27ba0e51229b1b937f14a253cef61107b88c516125d77d48a.png)\n\n\n## Task 2: Exploit the SQL Injection Vulnerability With SQLMap\n\nRun the sqlmap tool on the target while passing the required parameters with the file saved in the previous step.\n\n**Command**: \n`sqlmap -r /home/shadowroot/Downloads/burpsuite/portal -p bid --dbs --level 4 --risk 3`\n\n![image36](https://assets.ine.com/lab/learningpath/e9cf81627d6b56fcd7e8a7ea1ce89342d219be771ff58700d10892a95e32577f.png)\n\n![image42](https://assets.ine.com/lab/learningpath/6e28fd5e0415d77c8fb2be95c70404248ab15fa72e697d9c7de486d7bcab59e8.png)\n\n![image44](https://assets.ine.com/lab/learningpath/b122c30ec60d823d29a7010c666785c54cfecf309f8614ed79242cc2c98c3c52.png)\n\nFound the available databases. SQL Injection was successful.\n\n## References\n1. eNdonesia Portal (http://www.endonesia.org/)\n2. eNdonesia Portal 'banners.php' SQL Inj.\n(https://www.exploit-db.com/exploits/46559)",
    "solutions_html": "<h2>Introduction</h2>\n<p>The objective of this lab is to demonstrate how SQL Injection vulnerabilities can be identified and exploited with SQLMap. Furthermore, this lab serves as a guide on how to use some of SQLMap's advanced functionality to fine-tune your attack(s).</p>\n<h2>Lab Guidelines</h2>\n<p>After starting the lab, you will be provided with a URL to the target web application. This lab does not provide you with access to a Kali Linux system; as a result, you will need to perform the attacks on your own Kali Linux system or your host operating system.</p>\n<p>In order to complete the Session Fixation challenge, you will require the following tools:</p>\n<ul>\n<li>Burp Suite/OWASP ZAP</li>\n<li>SQLMap</li>\n</ul>\n<blockquote>\n<p>This lab can take over 2 minutes to load after opening the URL\n</p>\n</blockquote>\n<hr />\n<h2>Task 1: Identify The SQL Injection Vulnerability</h2>\n<p><strong>Step 1: Inspect the web application.</strong></p>\n<p><img alt=\"image40\" src=\"https://assets.ine.com/lab/learningpath/c0dcc8481b69f7023f3c79baa2eb01d54a1fb9d3d86a3fbdc5034fca97684816.png\" /></p>\n<p><strong>Step 2: Search Google for \u201cendonesia portal exploit\u201d.</strong></p>\n<p><img alt=\"image23\" src=\"https://assets.ine.com/lab/learningpath/31cfc1d7fb5537809ff49d2f6e50d97af8c444b03b2c43be192f7a3abcf94b95.png\" /></p>\n<p>The exploit-db link contains the steps required to exploit the vulnerability.</p>\n<p><strong>Exploit DB Link</strong>: [https://www.exploit-db.com/exploits/46559]</p>\n<p><img alt=\"image28\" src=\"https://assets.ine.com/lab/learningpath/e19ca4aac57033bf074afa45daa2a0f2b38cfa54f9db98eeeb587a677041da10.png\" /></p>\n<p><strong>Step 3: Click on the Banner image present on the top right of the web app and intercept the request with Burp Suite.</strong></p>\n<p><img alt=\"image19\" src=\"https://assets.ine.com/lab/learningpath/c1ab1f42817f714d67234245ad954a34821e09633935e921013b0a0eb92580c6.png\" /></p>\n<p><strong>Step 4: Right-click on the request and save it as \u201cportal\u201d.</strong></p>\n<p><img alt=\"image41\" src=\"https://assets.ine.com/lab/learningpath/b33c4d9aacfe30d27ba0e51229b1b937f14a253cef61107b88c516125d77d48a.png\" /></p>\n<h2>Task 2: Exploit the SQL Injection Vulnerability With SQLMap</h2>\n<p>Run the sqlmap tool on the target while passing the required parameters with the file saved in the previous step.</p>\n<p><strong>Command</strong>: \n<code>sqlmap -r /home/shadowroot/Downloads/burpsuite/portal -p bid --dbs --level 4 --risk 3</code></p>\n<p><img alt=\"image36\" src=\"https://assets.ine.com/lab/learningpath/e9cf81627d6b56fcd7e8a7ea1ce89342d219be771ff58700d10892a95e32577f.png\" /></p>\n<p><img alt=\"image42\" src=\"https://assets.ine.com/lab/learningpath/6e28fd5e0415d77c8fb2be95c70404248ab15fa72e697d9c7de486d7bcab59e8.png\" /></p>\n<p><img alt=\"image44\" src=\"https://assets.ine.com/lab/learningpath/b122c30ec60d823d29a7010c666785c54cfecf309f8614ed79242cc2c98c3c52.png\" /></p>\n<p>Found the available databases. SQL Injection was successful.</p>\n<h2>References</h2>\n<ol>\n<li>eNdonesia Portal (http://www.endonesia.org/)</li>\n<li>eNdonesia Portal 'banners.php' SQL Inj.\n(https://www.exploit-db.com/exploits/46559)</li>\n</ol>",
    "flags": [],
    "min_points_to_pass": null,
    "access_type": "default",
    "user_status": "unstarted",
    "user_lab_status": null,
    "user_status_modified": null,
    "user_flags": [],
    "global_running_session": null
}