SQLMap command SSL error

Asked Jul 03 '18 at 07:14

Active Jul 03 '18 at 07:25

Viewed 1,478 times

I have an application running on Apache 2.4.33 and we are trying to test the sql injection vulnerability for this application using the SQLMap command as below:

sqlmap -u 'http://hostip/appurl?query_type=something&element=*' -D check -T configuration --dump

The application is runnig on ssl 443 port and when the above url is hit through browser it gets redirected to https, similar thing happens in the above command and we see the following:

[00:02:01] [INFO] testing connection to the target URL
sqlmap got a 302 redirect to 'https://hostip/appurl?query_type=something&element=. Do you want to follow? [Y/n] n

and this utility works properly.

sqlmap -u 'https://hostip/appurl?query_type=something&element=' -D check -T configuration --dump

However when we directly try to do the sqlmap command on the url which it was getting redirected we get 500 internal server error.

The Apache access log show:

10.21.12.170 - - [03/Jul/2018:12:51:12 +0530] "GET https://hostip/appurl?query_type=something&element= HTTP/1.1" 500 -

edited Jul 03 '18 at 07:25

asked Jul 03 '18 at 07:14

vaibhav

3,929
8
45
81

You have not asked a question. – Bill Karwin Jul 03 '18 at 13:03
Also this should be asked on https://security.stackexchange.com – lauda Jul 04 '18 at 07:51

SQLMap command SSL error

0 Answers0