The sqlmap is one of the best known open source tools for penetration testing which automates the procedures for locating and executing SQL Injections. It is based on python and one can find it in Kali Linux or download it from github.
The corresponding tool is also available for cell phones Android by name sqlmapchik. Easy to use graphic environment και με πληθώρα επιλογών χωρίς την χρήση κονσόλας. Η βασική αποτελεσματικότητά του είναι ίδια με την αντίστοιχη version για υπολογιστή, αλλά σαν application presents some instabilities in some devices, which over time are estimated to be overcome. Also missing are some features available in regular sqlmap such as:
- sqlmap API
- profiling
- log colorizing
- beeping
– Definition of dwork user-defined injection
- Upgrade
- Interfacing with the metasploit framework
It is understood that de facto some of these functions are difficult to integrate for the time being.
How to execute sqlmapchik and interface with the user while performing the results gives the same sense of usability as sqlmap.
An important condition about the ability to execute it sqlmapchik is the installation of the platform BusyBox and by extension to have been done root device.
We thank her warmly SecTeam @SAMSONIC