# Screenshots

Verbose output (option `-v` set to `3`):

![Verbose output set to 3](images/sqlmap_verbose_3.png)

Concatenation of three tamper scripts to obfuscate the injected SQL payloads (switch `--tamper`):

![Tamper scripts in action](images/sqlmap_tamper_in_action.png)

Cracking dumped databased users' password hashes (switch `--passwords`):

![Users' password hashes cracking](images/sqlmap_cracking_password_hashes.png)

Enumerating database table's columns (switch `--columns`):

![Database table's columns dump](images/sqlmap_enumerating_columns.png)

Mnemonics (option `-z` set to `"flu,ign,bat,tec=B"`):

![Mnemonics usage](images/sqlmap_mnemonics.png)

Conducting through tests only if positive heuristic(s) (switch `--smart`):

![Smart mode](images/sqlmap_smart.png)

DNS exfiltration technique (option `--dns-domain`):

![DNS exfiltration technique](images/sqlmap_dns_exfiltration.png)

Replicating table to a local SQLite3 database (switch `--replicate`):

![Replicated table](images/sqlmap_replicate_result.png)

OS pwn mode (Meterpreter) (switch `--os-pwn`):

![OS pwn mode](images/sqlmap_os_pwn.png)

OS shell mode (switch `--os-shell`):

![SQL shell mode](images/sqlmap_os_shell.png)

SQL shell mode (switch `--sql-shell`):

![SQL shell mode](images/sqlmap_sql_shell.png)

Wizard mode (switch `--wizard`):

![Wizard mode](images/sqlmap_wizard.png)