Sqlmap – Continuing a large query

I’m going to admit I’m not a sqlmap expert, hoping the community can help me learn something.

sqlmap -u "https://www.domain.com/page.php?id=1" --batch -D database_name -T table_name --dump -C "

"

  • I ran the above sqlmap command on a very large database. Let's say I ran the query on April 1, 2022.
  • It took approx. 1 second to retrieve each record in the database (this is relevant in a later bullet point).
  • It took ~7 days to dump the entire database. However, there are no records dumped that are later than April 1, 2022 (the date I started the dump). I know there are records between April 1, 2022 and April 7, but the same sqlmap command will not dump them.

I thought I could continue the dump by running a query similar to the following (where "100000" is the last id retrieved in the original dump).

sqlmap -u "https://www.domain.com/page.php?id=1" --batch -D database_name --sql-query="select

FROM table_name WHERE id > 100000"

  • This resulted in a query that ran for maybe 30 seconds (instead of the 1 sec per row I experienced with the original command).
  • The console displayed hundreds of rows of data (although still not all of them, but definitely displayed records beyond my original dump).
  • I can't find the dumped data anywhere. I looked in the folder that sqlmap indicates the dumped data was saved to and I don't see anything (the original dump saved CSV files).

I must be doing something wrong here. My goal is to dump the entire database. How can I use the original query (which was slow, but working well) to dump data beyond the date that I originally ran the command?

Happy to answer any follow-up questions needed to get to an answer here.

How to solve:

Method 1

You can just use the switch

--fresh-queries

although you have to add

WHERE id > 100000

or whatever the last ID you were able to dump was.

Also, the saved data and dump are normally in the .sqlmap/output/ folder. If it's not there, then you may have started sqlmap with sudo or as another user.
Just take a look in the /root/.sqlmap/output and /home//.sqlmap/output/ folders.


All methods were sourced from stackoverflow.com or stackexchange.com and are licensed under CC BY-SA 2.5, CC BY-SA 3.0 and CC BY-SA 4.0.