IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sqlmap]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

152 questions
2
votes
1 answer

Using update with SQLMAP error

I am trying to use UPDATE or insert after getting victim database information, for that I am using command: sqlmap -u somewebsite.com/id=2 --sql-shell After that: > sql-shell : UPDATE username FROM .... and I get an error everytime (also in…
Samxo
  • 29
  • 3
2
votes
2 answers

Special sqlmap injection

I'm currently pentesting my friends website. I found an SQL injection with acunetix' help: - URL encoded GET input for was set to 1##### Error message found: supplied argument is not a valid MySQL result So I tried running a normal…
nickvl
  • 21
  • 2
2
votes
3 answers

SQLMap deleted database items

While doing test on my website, SQLMap deleted data in my database tables. Everything is corrupt. What is a safe way of using this tool without touching other items on a live server? How do you use SQLMap on a live server?
nadya
  • 21
  • 1
  • 2
2
votes
1 answer

Sqlmap, how to move forward?

So, I'm using Sqlmap for a while now to test the security for my company (we're too small to have IT guy and I'm the closest they got for now), I already managed to access the database remotely and dump the database using this Parameter: id (GET) …
Lumi Kor
  • 21
  • 3
1
vote
1 answer

Oracle Sql Injection Reverse Shell

I am testing for SQL Injection on a website that uses ASP code. I can successfully get all the databases and tables. Current user has DBA privileges. I wonder how can I get a reverse shell by using this SQL Injection. Oracle version is "Oracle…
user1968957
  • 39
  • 1
  • 2
1
vote
0 answers

Sqlmap parameter “might not be injectable”

I'm starting with sqlmap and I have the following problem: When I try to use sqlmap (trying to bypass waf) using this snippet: sqlmap.py -u "http://prefing.umsa.edu.bo/index.php?option=com_newsfeeds&view=newsfeed&id=1&feedid=1&Itemid=18" --dbs…
Alan Alvarez
  • 111
  • 2
1
vote
1 answer

SQL injection with a URL separated with dashes

I have have used sqlmap for a long time now. I have come across a this url pattern. http://www.example.com/parameter-somethingid01-anotherthingid023 Where parameter is expendable meaning it doesn't matter if the it's available or…
Duplicator
  • 11
  • 1
1
vote
1 answer

Is it possible to bypass HTML character reference encoding to inject SQL in this context?

I was poking around with the "reset password" page of a website (security testing and bug hunting is allowed on it.) When you put in your email address, it uses HTML character reference encoding to encode your address. For example: Email:…
Mico
  • 377
  • 3
  • 16
1
vote
1 answer

SQLMAP unable to upload the stager file with 404 error

I can't get to upload the stager file on the OWASP BWA document root (/var/wwww/WackoPicko/users). I am not sure how to troubleshoot this error. root kali:~# sqlmap -u "http://x.x.x.x/WackoPicko/users/login.php" --data…
c0ldhand
  • 13
  • 1
  • 3
1
vote
0 answers

Sql injection extract random bits instead of actual data

I was performing SQL injection through sqlmap and it showed that the parameter is vulnerable but it is only extracting random bits instead of actual data. I am pasting extracted material here. [00:12:27] [INFO] the back-end DBMS is MySQL back-end…
Skull dev
  • 11
  • 2
1
vote
1 answer

How secure and anonymous is the --tor parameter in Sqlmap?

How secure and anonymous is the --tor parameter in Sqlmap? Does it really send every request over Tor and does it have any IP/DNS/STUN requests leak loopholes?
UndercoverDog
  • 612
  • 2
  • 17
1
vote
1 answer

Using sqlmap for detecting SQLi on Juice shop's login page

New Sqlmap user, so please be patient :) I've started looking at the tool and I'm curious about its use. For instance, the login page of OWASP's Juice shop is vulnerable to sql injection (' OR 1=1-- and you'll be automatically logged in as admin),…
Luis Abreu
  • 113
  • 4
1
vote
2 answers

How to configure SQLMap to attack JSON parameter?

Part of a box I'm doing, I can successfully pass basic SQL query 'or'1'='1 with no errors, {"search":"'or'1'='1"} Output: HTTP/1.0 200 OK Trying to error the query {"search":"'"} Output: (successful) HTTP/1.0 500 INTERNAL SERVER ERROR Using…
mansk1es
  • 21
  • 3
1
vote
0 answers

Can sqlmap be used to extract data if the attack is blind?

I'm solving this challenge/lab where SQLi is inside the cookie parameter. After solving it manually, I thought to check if it can extract data. I used sqlmap with --cookie=COOKIE* (Notice * that's the marker to tell sqlmap about the injection point)…
Mike
  • 11
  • 1
1
vote
0 answers

Is it possible to enumerate Microsoft Access database using sqlmap?

I'm trying to enumerate a Microsoft Access database using sqlmap, in particular I run this command: sqlmap -r http.txt --risk 2 --dump-all Anyway it seems is not retrieving a single information. Am I missing some switch? I already tried…
Maicake
  • 497
  • 1
  • 3
  • 13
1 2 3
10 11