I’m back with a brand-new article on SQL injection vulnerabilities. In this ethical hacking experiment, I decided to use Ghauri instead of SQLMap.
Ghauri is an SQLi detection tool that offers less advanced features than SQLMap while operating at a higher speed.
You can check out the tool on its official GitHub page and install it on Kali Linux or similar systems with a simple setup. (Although I mentioned Linux, Ghauri works across multiple ecosystems. However, since our primary concern is performance, I highly recommend using lightweight Linux distributions.)
Ghauri operates similarly to SQLMap.
To list databases from a target URL, you can use the following command:
Don’t forget to edit variables like “target.”
ghauri -u "---target---" --dbs --level=3 --batch
The --batch parameter ensures that the tool runs automatically without prompting for input.
If you successfully list the databases, you can then list tables and columns using these commands:
ghauri -u "---target---" -D target_db --tables --level=3 --batch
ghauri -u "---target---" -D target_db -T target_table --columns --level=3 --batch