IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sqlmap]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

152 questions
0
votes
1 answer

Can sqlmap be used on telnet?

Is there a way to use sqlmap over telnet or do I have to manually create a web wrapper that will send the payload over a parameter and output the response?
Lucian Nitescu
  • 1,802
  • 1
  • 13
  • 27
0
votes
2 answers

SQL Injection with an uninjectable URL

I was recently given a subdomain to try and exploit with SQLi: gov.ns.agency. Unlike what I would see in most tutorials, I can't really inject parameters into the URL like I would see everywhere else. Here's what I tried: At the login page, any…
Calahan
  • 1
  • 1
  • 4
0
votes
1 answer

How to make Sqlmap obtain administrator rights for database?

I'm using sqlmap to exploit databases in a DVWA-project. However, after having exploited the database, I executed the following command to learn that the user is dvwa@%: sqlmap -u…
Shuzheng
  • 1,097
  • 4
  • 22
  • 37
0
votes
1 answer

Bypass WAF/IDS with SQLMAP?

How can I use SQLMAP to run tests on a website with a WAF/IDS? Suppose I want to run something like this: python sqlmap.py -u http://www.xxxxxxxxxxxxxx.com/standard.html&id=30 --dbs How can I test against WAF/IDs in this case?
Quinn
  • 1
  • 1
  • 1
0
votes
1 answer

This is a Stack Trace or Sql Injection?

Yesterday I posted a question about whether I could do an SQL injection with the following error code: httpStatus":400,"errorCode":"BAD_QUERY_PARAMETER","message":"java.lang.NumberFormatException: For input string:…
user152754
  • 31
  • 1
  • 2
0
votes
4 answers

Sqlmap dumping all tables without data

Is it possible to see all columns of all tables of a database without the data using sqlmap I don't want to use -D database -T table manually for all the tables
crismatiq
  • 37
  • 1
  • 3
0
votes
1 answer

Timed out in sqlmap

I detect a sqli vulnerability in a target url using sqlmap. Now when I try this I always get "connection timed out to the target URL": ./sqlmap.py -u targetURL --dbs How can I solve it?
ThisIsMe
  • 25
  • 1
  • 6
0
votes
2 answers

Using sqlmap for SQL injection vulnerabilities in Vaadin

I implemented a small website for penetration testing purposes using the Vaadin framework. I have a MySQL database running in the background as well as a Jetty server. The website is vulnerable against manual SQL injection attacks. But when I want…
Nazar Medeiros
  • 161
  • 8
0
votes
2 answers

Is there a way to specify PHP escape method when using SQLmap?

I'm helping a collegue of mine to test if his website is completely SQLi-proof. It looks promising, but i'm trying to make sure, and by chance I know he's using pg_escape_string to sanitize his POST input. This may be a stupid question, but I'd…
WolfyD
  • 101
  • 1
0
votes
2 answers

Vega shows SQL injection vulnerablity but sqlmap says no

I'm pen testing an application. The URL is basically app.php?app=appname. If app exists it gives correct output, but if it doesn't exist we get a internal server error 500. Vega detects it as a SQL injection vulnerability, but when I test it with…
while true
  • 167
  • 1
  • 1
  • 7
0
votes
1 answer

sqlmap login post problem

I have an asp login form (username & password) that is SQL-injectable when the username is found in the database For example, if I inserted -username : foo (foo founded in database) -password : '.;/; Then the result is: Incorrect syntax…
Mortada Jafar
  • 113
  • 5
0
votes
1 answer

How too use R0b0tPirates 500 error bypass

I had a valid injection, but could not exploit it due to 500 errors, so I looked around and found that R0b0t Pirates, a blog that specializes in tools like sqlmap, has put out a 500 error bypass, telling you somehow add this to the query, with no…
Sanic Rider
  • 95
  • 1
  • 2
  • 6
0
votes
2 answers

SQLMap using "?ref="

I'm learning about net security and how to deal with SQLmap. A friend made some demo web pages on his server to test SQLmap. One of the pages is a fake phishing site with a refer to a real site (index.asp?ref=REALSITE). If I scan the fake phishing…
New123
  • 1
-1
votes
1 answer

How to use sqlmap while website uses multiple redirects

I am testing a publicly available site https://example.com/ebill/login.php where I fill the form with account number, like 34413271 and a cookie is assigned for later urls to use, then the above URL redirects to…
SIslam
  • 59
  • 6
-1
votes
1 answer

How to continue performing checks on a site if sqlmap found an issue on a URL of the same site while using --batch option?

I have a file /tmp/urls which has following URLs: http://127.0.0.1:8081/?id=1 http://127.0.0.1:8081/?id2=1 I am using this command to perform checks on file URLs concurrently: python3 sqlmap.py --threads=5 -m /tmp/urls --batch Both of these URLs…
Sanjay Prajapat
  • 111
  • 1
  • 4
1 2 3
10
11