What is SQLMap?
SQLmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It is great for finding and exploiting SQL Injection vulnerabilities by sending SQL syntax at running websites and determining if a flaw has been found.
If a flaw (SQL Injection) is found, SQLmap could then exploit that flaw and extract information from the database.
In a DevSecOps environment, SQLmap is used to find and report on flaws, as software systems run through the staging or similar environments for testing.
|Security Stage||DAST (Dynamic Analysis)|
|1||You'll need a URL to scan|
|2||You'll need to configure endpoints and sample inputs|
How do I set it up?
To add SQLMap into the Uleska Platform, there are 3 main steps:
1. Configure a dynamic testing stage version for your application
Your version configuration will be setup for dynamic testing. Go to the dynamic documentation page to see how to set this up for any dynamic testing.
2. Enhance that version with further information on your running application
SQLMap works by sending requests to the website that will pass information into the site for processing against a database. Common examples of this might be where the website receives data in a form, such as a name, or an address.
Therefore to run SQLMap some preparation work is needed. When penetration testers are manually using SQLMap to test a running system, they will first spider the website, or build a list of URLs for the website that pass information (e.g. POST or PUT requests, or GET requests with parameters). If the request does not pass information into the web application, then there is not much SQLMap can do to attempt any exploits.
In a DevSecOps environment with the Uleska Platform, the list of URLs to be used can be populated in two ways:
Using Burp Spider (Crawler)
3. Add the SQLMap tool into your application and version toolkit
With the dynamic version configure and 'Web Pages' described, now the Uleska Platform is set up to allow any project to be dynamically tested with your SQLMap tool. Let's show you how to setup your applications and versions to run this.
To enable the SQLMap tool for the stage scanning,
Now any time you click 'Test Now' for that application stage of testing, or make a request over the Uleska API or CLI for that stage, the SQLMap tool will be included in the test run which will start a security scan of the Uri for the configured version. Any results added to your vulnerabilities list.
No all options available on the SQLMap command line are currently supported. The Uleska Platform adaptor for SQLMap will use the tool to find areas of the target that are vulnerable to SQL injection, and report those issues back. It will not attempt to enumerate the database, or exploit in any way.
We do not currently support setting a proxy, using tor, or forcing DBMS limitations. Please contact Uleska for more details, or to request support for SQLMap flags.