IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sqlmap]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

152 questions
4
votes
1 answer

How to update table with sqlmap and without stacked queries?

down vote favorite I'm trying to use following code sqlmap -u "http://exp.com/portal/pd.jsp action=edit&info=products&sub_info=price" --cookie="JSESSIONID....." --dbms Oracle -D PRODUCTS -T PRICE --threads 10 --sql-query="UPDATE PRICE SET PRICE…
user143049
  • 41
  • 1
  • 2
4
votes
2 answers

SQLmap POST parameter 'txtLoginID' is not injectable

I have a lab machine that I have been practicing some SQL injection on. I know that the POST parameter that I am trying to exploit is vulnerable as I was able to extract the user DB manually. I then went to do this with SQLmap with the below…
Grady Negronida
  • 53
  • 1
  • 1
  • 7
3
votes
1 answer

SQLMap on a seqential form

There is a certain form that gets posted over POST. The form has some form elements. I am doing a pen-test on the application that has this form. The form values are being stored in a certain database. It's a PHP application and the interesting…
qre0ct
  • 1,492
  • 3
  • 19
  • 30
3
votes
1 answer

SQLMap: Testing implicit parameter URL

I'm pentesting a client's website but could not find a syntax to tell SQLMap that the variable it should test doesn't have an explicit name in the URL. I've already tried the MVC method that says to use * (asterisk - did not work), but this is a…
DarkLighting
  • 1,523
  • 11
  • 16
3
votes
2 answers

SQLMap Cookie Injectioin with Working Manual SQLi

I'm using an existing exploit which calls for a cookie called wp_sap to be set with the following value: ["1650149780')) OR 1=2 UNION ALL SELECT 1,2,3,4,5,6,7,8,9,@@version,11#"] This works great manually. Now, I'd like to be able to use this…
Rey Bango
  • 181
  • 1
  • 2
  • 7
3
votes
2 answers

sqlmap: Test injection in Basic Authentication?

I have been trying to make sqlmap test the username parameter in a fake login page that uses basic authentication. However I cannot make it test the Authentication header via the asterisk trick: sqlmap --auth-type "BASIC" --auth-cred="*:pass"…
chefarov
  • 154
  • 1
  • 10
3
votes
1 answer

How can I use sqlmap to get only a certain number of records in SQL Server using a LIMIT and OFFSET?

I'm trying to dump using sqlmap, I have 3 columns: name, lastname, userid with 9000 entries in each. When I just --dump the table, it will start from 1 to 9000. I don't want all the 9000, how can I tell it to start from 5000 and stop at 9000? I…
sivi109
  • 31
  • 1
  • 3
3
votes
1 answer

run sqlmap with http post request with encoding data

I have a target that http post request from that encoded As follows: data request post first url encoded and then base64 encoded. example request post from mentioned target As follows: POST /test/test-page.php HTTP/1.1 Host:…
alrz
  • 133
  • 1
  • 1
  • 4
3
votes
2 answers

Presence of table "sqlmapoutput" in PostgreSQL database

I was pentesting a client's database and saw this one table "sqlmapoutput" in one of the user created schemas. It's a PostgreSQL DBMS. and he has no idea how it came there. There was no data in the table: Table: sqlmapoutput [0 entries] +------+ |…
mystupidstory
  • 111
  • 1
  • 9
3
votes
1 answer

Plugin for integrating SQLMAP and BURP SUITE

I am trying to do SQL Injection using the SQLMAP Burp Plugin which I downloaded from http://code.google.com/p/gason/downloads/list. I have followed the steps for windows provided in http://resources.infosecinstitute.com/sqlmap-burp-plugin-2/. But…
Sai Dutt Mekala
  • 343
  • 2
  • 10
3
votes
1 answer

SQLMAP and DBMS credentials, how do you use them?

for educational purposes and in order to develop a test for students, i try to "hack" a website developped by a friend : http://www.websitetohack.com.index.php?id=5 When i launch SQLMAP, it finds a "Time Based Blind SQL Injection". After some dbs…
Paul Defroyden
  • 31
  • 1
  • 2
3
votes
1 answer

How we can Update table via sqlmap?

How we can update a table via sqlmap ? The injection is like this : mysite.com/?menu=-8' UNION ALL SELECT…
Freeman
  • 221
  • 1
  • 3
  • 6
2
votes
2 answers

What are the dangers of sql injection with php?

I made an SQL-injectable web-app build to with PHP to get a better understanding of what is going on and automated it all with sqlmap. The relevant code is the following: mysqli_query($conn, SELECT trans FROM `dictionary` WHERE `word` LIKE…
Slava Knyazev
  • 716
  • 5
  • 12
2
votes
2 answers

How sqlmap works to get all database info

I am curious how sqlmap able to get all the info from the database? I am using burp as proxy to view all the request and response. From the response I couldn't see any information related to the database but the sqlmap able to show the related info.…
overshadow
  • 351
  • 3
  • 5
  • 17
2
votes
1 answer

API Sql Injection Need help

I need some help with sqli in API. Webserver IIS 8.5 GET request looks like this ... https://example.com/api/Search?q=Landing Response look like this HTTP/1.1 200 OK ... [{"pageId":1,"pageName":"Landing Page"}] SQL query where I try to inject when…
Ricky
  • 21
  • 2
1
2
3
10 11