IT Security Stack Exchange
IT Security Stack Exchange

Questions tagged [sqlmap]

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers.

152 questions
1
vote
1 answer

Sqlmap Sleepy User-Agent

I was testing Burp Suite Crawl on some old php sites I made and it found Sleepy User-Agent SQL injection vulnerability User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.100 Safari/537.36…
Marek
  • 11
  • 3
1
vote
1 answer

Paths in web servers

Using sqlmap I was able to gain access to one database and using --current-user and --privileges. I can confirm that the user is root@localhost with full privileges. The part I have problem with is that I don't understand how the --os-shell works. I…
Mr Pro
  • 11
  • 1
1
vote
2 answers

Never use stored session in sqlmap

I am trying to make sqlmap to avoid fetch data from stored session. How do I achieve that? I have performed sqlmap check once on a target and now that target is offline, I want sqlmap to just stop the checks if target is offline and even if target…
Sanjay Prajapat
  • 111
  • 1
  • 4
1
vote
0 answers

SQLMAP with single URL application

I have a local application which will be accessible only after login. Its single URL application, URL of application won't change, just it use 'XMLHttpRequest' to refresh the content of screen based on action and other parameters. Database used as…
EternalSunShine
  • 111
  • 1
1
vote
2 answers

Is there any way to find all the endpoints for any website for sql injection?

I'm wondering, if it's possible to discover all the endpoints for any product which is prone to SQL injection. I want all the endpoints where I can apply SQL injection on my site.
Nitin Rastogi
  • 285
  • 1
  • 2
  • 8
1
vote
1 answer

Dump specific rows from database using sqlmap

I'm trying to dump using sqlmap, I have 3 columns: userid, email, password with 2900000 entries in each. When I just --dump the table, it will start from 1 to 2900000. I don't want all the 2900000, how can I tell it to start from like 500000 and…
user206623
  • 11
  • 1
  • 2
1
vote
1 answer

sqlmap - Testing parameters when reading request from file

After hours of trial an error I decided to ask here for some advice. I am currently trying to perform a sqlinj using using sqlmap on a system that was specifically designed to be attacked. The API states: Method:…
n00b.exe
  • 141
  • 1
  • 2
  • 4
1
vote
1 answer

Is there any publicly available information about how sqlmap works?

I want to understand the deep theory behind sqlmap - the decision making of the programm - how is it done? Is there any public paper? (There is still an option to read and understand sqlmap code and use -vvv switch). I'm searching for a…
Awaaaaarghhh
  • 562
  • 2
  • 18
1
vote
1 answer

SQL inject MariaDB with SQLMAP

I'm fairly new to sqlmap but I have tried a lot of attacks and have been successful except for this one attack that I have tried. SQLMAP won't detect this nor try to inject an error like this. So how ik that the site is vulnerable well. I used…
Dan Ash
  • 11
  • 1
  • 3
1
vote
1 answer

SQL injection with an auto-incrementing parameter

I'm currently performing an API Pentest and I suspect an SQLi in one of the API calls. It updates a certain item of the web-service and requires an increase of the version number for each request. The request body is…
Dolores The Third
  • 55
  • 5
1
vote
1 answer

Running sqlmap against a parameter inside a parameter

I have a domain in the format: example.com?host=http://anotherexample.com?bar=1 I want to attack the "bar" param, but sqlmap (correctly) parses the second url as a value of the foo param. Therefore I can't select the bar variable with the -p…
Cathal
  • 111
  • 1
  • 4
1
vote
1 answer

How to use custom injection in sqlmap?

This is post data, normally looks like this {"end_date":"2018-8-26","start_date":"2018-8-26","success":1} Below resulting "You have an error ..." {"end_date":"2018-8-26'","start_date":"2018-8-26","success":1} Below successfully print db version…
Dark Cyber
  • 225
  • 1
  • 5
  • 11
1
vote
0 answers

DVWA cant be injected with SQLMAP [id is not injectionable]

I'm trying to catch SQL Injection attacks from DVWA with sqlmap, I'm using the most simple option it provides, but it's strange that sometimes it works and other it doesn't, showing a message similar to: ...parameter 'X' does not seem to be…
aneela
  • 201
  • 3
  • 10
1
vote
1 answer

Custom post data JSON payload format in sqlmap?

I want to perform SQL injection but I don't know how to use the command. So far, I have tried this: --data="{'user_id':'6','user_with:5*'}" --prefix=" OR user_to = 5)" --suffix="#" -vvv` I use ' instead of " in parameter because sqlmap post data…
Dark Cyber
  • 225
  • 1
  • 5
  • 11
1
vote
0 answers

effective way to bypass Sucuri WAF on Sqlmap?

i'm struggling to bypass a website WAF that uses Sucuri WAF, i saw some tutorials online, and tried to mix them with some pre-defined sqlmap tampers, such as "randomcaso, charencode", but i wasn't able to succeed, it's like the browser and the…
Thiago Dias
  • 171
  • 1
  • 8
1 2 3
10 11