I have tried SQL injection with sqlmap using the command below:
sqlmap -u http://localhost/abc.php?id=1 -D datab --sql-shell
Following query works in the SQL shell well:
SELECT * FROM admin
But when I try to drop the table or try to insert into table using SQL queries like DROP TABLE admin
or queries like INSERT * INTO admin
, following error message is returned:
[WARNING] execution of custom SQL queries is only available when stacked queries are supported