Back to Course

The Practical Guide to sqlmap for SQL Injection

0% Complete
0/0 Steps
Lesson 5 of 61
In Progress

Downloading the latest sqlmap (optional)

Christophe June 14, 2021

By default, sqlmap comes pre-installed with Kali Linux, so as long as you followed the steps in the prior lesson and downloaded the latest Kali image, then you should have a very up-to-date sqlmap installation. This means that technically you can skip this lesson since you don’t have to have the latest version in order to complete this course. In fact, I’ll personally be using the #stable version of sqlmap (the one pre-installed on Kali) instead of the latest #dev version. I just wanted to show you how to download the #dev version and explain the difference in case you ever want to use that one.

With that said, usually the version pre-installed in Kali is not going to be the latest version of sqlmap. As you can see here, our version of sqlmap is 1.4.11#stable. The term stable can mean a few different things when it comes to software and is up to the developers to define its meaning, but it typically means that the version has ironed out most of the major bugs and issues, and so it is the intended version to be used by most users. So this is a good version to use.

But again, we can check and see if there are newer versions by going to the project’s GitHub repository and checking releases.

We can see that there is a newer release with a version bump to 1.5.

Let’s go ahead and download this version to our Kali installation!

We can use a few different methods to download the latest version, including by downloading archives, or by cloning the Git repository.

git clone --depth 1 https://github.com/sqlmapproject/sqlmap.git sqlmap-dev
Code language: PHP (php)

A benefit of cloning the repository is that you can easily update your version by pulling changes through git at a later time, versus if you download an archive, that archive is “stuck in time” so to speak. You’d have to regularly go back out and download the latest archive to update.

So it’s up to you, but we have git installed on this machine so I’ll go ahead and use that method.

As you can see though by the ending of our command, this should be treaded as a -dev (development) version of sqlmap, meaning that it’s the cutting edge and there may be some unknown or known bugs. But it also means that you get the latest features.

So it’s a tradeoff to be aware of, and the version that you choose to use is up to you!

Going into our new directory:

cd sqlmap-dev

We can run this version by typing python3 sqlmap.py and we will see version 1.5.4.5#dev (you might see something slightly different depending on when you’re taking the course).

For this course, we will stick to the default installation of sqlmap to minimize the risk of bugs and issues along the way, but feel free to try using this latest version instead – just be aware that there may be some differences.

So now that we’ve verified that we have a working installation of sqlmap, and we’ve learned how to download the latest version, let’s complete this lesson and move on to the next where we will use sqlmap for the first time!

Responses

Your email address will not be published.

This site uses Akismet to reduce spam. Learn how your comment data is processed.