Fingerprint Tab - Database Type Identification and Version Detection
The Fingerprint tab controls how SQLmap identifies the database management system (DBMS) type, version, and specific features, which is crucial for tailoring subsequent attacks and enumeration.
📋 Overview
The Fingerprint tab contains three main sections:
- Basic Fingerprinting - DBMS type identification
- Version Detection - Detailed version information
- Advanced Fingerprinting - Feature and capability detection
🔍 Basic Fingerprinting Options
Fingerprint DBMS
Parameter: --fingerprint
Description: Fingerprint the DBMS type and version
Output: Detailed DBMS identification
Examples:
[INFO] the back-end DBMS is MySQL
[INFO] the back-end DBMS operating system is Linux
[INFO] the back-end DBMS version is 5.7.32
Use Cases:
- Initial reconnaissance
- Technique selection
- Compatibility checking
Banner Grab
Parameter: --banner
Description: Retrieve DBMS banner/version
Output: Raw version string from database
Examples:
MySQL 5.7.32
PostgreSQL 12.3
Microsoft SQL Server 2019
Oracle Database 19c
Use Cases:
- Exact version identification
- Patch level assessment
- Vulnerability research
Current User
Parameter: --current-user
Description: Retrieve current database user
Output: Username of the database connection
Examples:
root@localhost
postgres
sa
system
Use Cases:
- Privilege assessment
- User context understanding
- Access level determination
Current Database
Parameter: --current-db
Description: Retrieve current database name
Output: Name of the active database
Examples:
mysql
postgres
master
orcl
Use Cases:
- Database context identification
- Schema understanding
- Navigation planning
📊 Version and Feature Detection
Check for DBMS Version
Parameter: --check-version
Description: Check if DBMS version is vulnerable
Behavior: Compares version against known vulnerabilities
Output: Vulnerability status and details
Use Cases:
- Security assessment
- Patch management
- Risk evaluation
Enumerate DBMS Version
Parameter: --version
Description: Retrieve detailed version information
Output: Comprehensive version details
Examples:
MySQL 5.7.32-0ubuntu0.18.04.1
PostgreSQL 12.3 (Ubuntu 12.3-1.pgdg18.04+1)
Microsoft SQL Server 2019 (RTM) - 15.0.2000.5 (X64)
Use Cases:
- Detailed version analysis
- Compatibility verification
- Feature support checking
Detect DBMS Features
Parameter: --check-dbms
Description: Check DBMS-specific features and capabilities
Output: Supported features and extensions
Examples:
MySQL: InnoDB, MyISAM, MEMORY engines
PostgreSQL: PL/pgSQL, PostGIS extensions
SQL Server: CLR, Full-text search
Use Cases:
- Feature availability assessment
- Exploitation planning
- Compatibility verification
🔧 Advanced Fingerprinting Options
Force Back-end DBMS
Parameter: --dbms=DBMS
Description: Force specific DBMS type
Supported DBMS:
- MySQL:
mysql
- PostgreSQL:
postgresql
- Microsoft SQL Server:
mssqlserver
- Oracle:
oracle
- SQLite:
sqlite
- Microsoft Access:
access
- Firebird:
firebird
- IBM DB2:
db2
- SAP MaxDB:
maxdb
- Sybase:
sybase
- Informix:
informix
- HSQLDB:
hsqldb
- H2:
h2
- MariaDB:
mariadb
Use Cases:
- Known target DBMS
- Bypassing auto-detection issues
- Testing specific techniques
Force Back-end DBMS Operating System
Parameter: --os=OS
Description: Force specific operating system
Options:
- Linux:
linux
- Windows:
windows
- Unix: Generic Unix-like systems
Use Cases:
- Known target OS
- OS-specific exploitation
- File system access planning
Force Back-end DBMS Version
Parameter: --dbms-version=VERSION
Description: Force specific DBMS version
Examples:
--dbms-version=5.7.32
--dbms-version=12.3
--dbms-version=2019
Use Cases:
- Known version information
- Version-specific testing
- Patch verification
Extended Banner Grab
Parameter: --extensive-fp
Description: Perform extensive fingerprinting
Behavior: Uses multiple techniques for thorough identification
Output: Detailed fingerprinting results
Use Cases:
- Maximum identification accuracy
- Unknown or obfuscated DBMS
- Comprehensive reconnaissance
📝 Usage Examples
Basic DBMS Identification
Fingerprint DBMS: ✓ Enabled
Banner Grab: ✓ Enabled
Current User: ✓ Enabled
Current Database: ✓ Enabled
Generated Command:
sqlmap -u "http://example.com/page.php?id=1" --fingerprint --banner --current-user --current-db
Version Vulnerability Check
Check Version: ✓ Enabled
Enumerate Version: ✓ Enabled
Detect Features: ✓ Enabled
Generated Command:
sqlmap -u "http://example.com/admin.php?id=1" --check-version --version --check-dbms
Forced DBMS Identification
Force DBMS: MySQL
Force OS: Linux
Force Version: 5.7.32
Extensive Fingerprinting: ✓ Enabled
Generated Command:
sqlmap -u "http://example.com/db.php?id=1" --dbms=mysql --os=linux --dbms-version=5.7.32 --extensive-fp
Comprehensive Fingerprinting
Fingerprint DBMS: ✓ Enabled
Banner Grab: ✓ Enabled
Current User: ✓ Enabled
Current Database: ✓ Enabled
Check Version: ✓ Enabled
Enumerate Version: ✓ Enabled
Detect Features: ✓ Enabled
Extensive Fingerprinting: ✓ Enabled
Generated Command:
sqlmap -u "http://example.com/test.php?id=1" --fingerprint --banner --current-user --current-db --check-version --version --check-dbms --extensive-fp
⚠️ Important Considerations
Fingerprinting Strategy
- Auto-detection first: Let SQLmap identify the DBMS automatically
- Force only when necessary: Use –dbms only with confirmed information
- Verify results: Cross-check fingerprinting results manually
- Consider WAF interference: Web Application Firewalls may obfuscate responses
Version Detection Accuracy
- Banner vs fingerprinting: Banner gives exact version, fingerprinting gives type
- Patch levels: Banner shows patch information, fingerprinting may not
- Feature detection: Some features may not be detectable remotely
- Version spoofing: Some systems may report false version information
- Extensive fingerprinting: Can be slow and generate many requests
- Multiple techniques: More accurate but more intrusive
- Network considerations: Remote fingerprinting may be affected by latency
- Detection evasion: Some fingerprinting may trigger security alerts
Compatibility Issues
- DBMS variations: Different versions may behave differently
- Forked databases: MariaDB vs MySQL, Percona vs MySQL
- Cloud databases: AWS RDS, Google Cloud SQL may have different behaviors
- Containerized databases: Docker/Kubernetes may have modified behavior
🔧 Troubleshooting
Auto-Detection Failing
Problem: SQLmap cannot automatically identify the DBMS
Solutions:
- Use –extensive-fp for thorough detection
- Try manual testing with known payloads
- Check for WAF interference
- Use –dbms to force a specific type
Incorrect DBMS Identification
Problem: Fingerprinting identifies wrong DBMS type
Solutions:
- Verify with manual database queries
- Check error messages for clues
- Try different injection techniques
- Use –dbms to override auto-detection
Version Detection Issues
Problem: Version information is incomplete or inaccurate
Solutions:
- Use –banner for exact version string
- Check multiple version detection methods
- Verify against known application stack
- Consider version spoofing by the application
Feature Detection Problems
Problem: Feature detection not working properly
Solutions:
- Check if features are actually available
- Verify user privileges for feature access
- Try different detection techniques
- Consult DBMS documentation for feature availability
Slow Fingerprinting
Problem: Fingerprinting process is taking too long
Solutions:
- Disable extensive fingerprinting
- Use basic fingerprinting options only
- Limit to essential information
- Check network connectivity and latency
WAF Blocking Fingerprinting
Problem: Web Application Firewall blocking fingerprinting attempts
Solutions:
- Use tamper scripts: –tamper=space2comment
- Reduce fingerprinting intensity
- Try different timing and techniques
- Use manual fingerprinting methods
/home/devil/Desktop/SQLmap-GUI-Advanced-SQL-Injection-Testing-Interface/docs/tabs/fingerprint.md