Official sqlmap video demonstration 12
Demonstration of sqlmap out-of-band takeover features with Metasploit integration: sqlmap is launched against an ASP test page hosted on a Microsoft Windows 2003 server with back-end database management system being Microsoft SQL Server 2005. The tool is instructed to identify possible SQL injections, then exploit a database’s stored procedure heap-based buffer overflow vulnerability (MS09-004) if it is Microsoft SQL Server 2000 or 2005. sqlmap relies on Metasploit to create the shellcode which gets executed upon successful exploiting of the buffer overflow on the database server and establishes the connection between the user’s machine and the database server. The control is passed over to the Metasploit command line interface where the user can proceed to privilege escalate to SYSTEM by exploiting MS10-015 vulnerability with Meterpreter getsystem command.
sqlmap, http://sqlmap.sourceforge.net, is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of back-end database servers. It comes with a broad range of features lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections.