Hey... today i will show you how to generate a simple backdoor using sql injection technique by using sqlmap tool.
once I was found a web application that vulnerable of sql injection attack. the target url like this "192.168.56.2/coba/index.php?id=1" a simple testing I tried to insert character " ' " on the parameter id the result url like this 192.168.56.2/coba/index.php?id='1 it has a error like below :
"the result cant be found because,..You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version for the right syntax to use near '\'1' at line 1" it means that this target is vulnerable and possible to be exploit by using sqlmap.
sqlmap is one of several tools that using for sql injection attack..
open the sqlmap then I tried write this syntax :