0

I am learning SQLi using sqlmap and xampp.

I set up my lab the same way as per tutorial but when I run

sqlmap.py -u "http://localhost/bwapp/sqli_1.php?title=1*"

the error got 302 redirected to

http://localhost:80/bwapp/login.php

and when I clicked either yes or no, then I get the error

"you have not declared cookies, while server wants to set its own.. ..".

How do I solve this issue?

secf00tprint
  • 202
  • 1
  • 11
amsyrfkri
  • 1

1 Answers1

0

Would be helpful if you give further information:

  • Bwapp Version
  • What tutorial
  • What sqlmap version

So sqlmap gives you a hint:

You have not declared cookie(s), while server wants to set its own

This is the note that you haven't delivered any cookies using sqlmap. This means you are not logged in and you will be redirected to the login page

Redirect 302 to

http://localhost:80/bwapp/login.php

So you can give sqlmap your login session using

sqlmap -hh | grep cookie
    --cookie=COOKIE     HTTP Cookie header value (e.g. "PHPSESSID=a8d127e..")
    ...
    --load-cookies=L..  File containing cookies in Netscape/wget format

So a workaround (I have no bwapp in front of me) could be:

  1. Log into bwapp in the Browser
  2. Go into Developer Tools (Ctrl-Shift-I then: Chromium -> Application -> Cookies or Firefox (web-)storage)
  3. Remember the cookies from here
  4. Give it to sqlmap with --cookie "name1=value1;name2=value2" e.g. sqlmap -u "http://localhost/bwapp/sqli_1.php?title=1*" --cookie="security=low; PHPSESSID=oikbs8qcic2omf5gnd09kihsm7"
secf00tprint
  • 202
  • 1
  • 11