Stack Overflow
Stack Overflow

Questions tagged [sqlmap]

sqlmap is an "Automatic SQL injection and database takeover tool". It can be used to detect flaws in any software with an underlying SQL database

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over of database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester and a broad range of switches lasting from database fingerprinting, over data fetching from the database, to accessing the underlying file system and executing commands on the operating system via out-of-band connections

128 questions
3
votes
4 answers

SQLMAP to test sql injection

I ran SQLMAP to test SQL injection for one of the site, and got the below information. sqlmap identified the following injection points with a total of 78 HTTP(s) requests: --- Place: GET Parameter: id Type: boolean-based blind Title: AND…
Akon
  • 272
  • 1
  • 6
  • 20
2
votes
0 answers

SQLMap not matching string in response

I'm using SQLMap for test SQL Injections on a login form, when the server validates credentials it returns an HTTP 200 Status Code and in the response body: {"code":1} (on valid credentials) or {"code":0} (on invalid credentials). Since the status…
JonasK89874
  • 21
  • 1
2
votes
1 answer

Is it possible to use SQLMAP against an ODBC driver connection?

Is it possible to use sqlmap against an ODBC connection so that I can test the database with SQLMAP if there are some vulnerabilities? Maybe is it possible to use SQLMAP in the context of pyodbc? I want to test if the ODBC driver has some…
TheCodingKing
  • 97
  • 2
  • 10
2
votes
0 answers

How to use sqlmap to scan entire app (full site scan)?

Suppose I have a rails app running on http://localhost:3000/, how can I make sqlmap crawl an entire app and attempt injection on every single form it finds? Note: my app is about 20 pages, so it shouldn't be a monumental task, I just hope to find a…
stevec
  • 41,291
  • 27
  • 223
  • 311
2
votes
1 answer

sqlmap - add a dynamic token at each request

I'm doing a challenge where there is a webpage which allows sql injection. Every request submitted needs a token which you retrieve from another webpage. The token is valid limited time and for one request only. Is there a way to tell sqlmap before…
d82k
  • 379
  • 7
  • 17
2
votes
1 answer

How do I dump columns without datatype in SQLmap?

I would like to what's the command to dump only columns names, not data type. And also is it possible we can search in data? Like fetch the column data having @gmail.com or word 'admin.
Touseef
  • 21
  • 3
2
votes
0 answers

SQL injection with no spaces

I'm trying to exploit an SQL injection on a website (in the name of Science, of course). After some tests I found how the back-end works. The SQL query is formed like this: $query = 'SELECT * FROM TABLE WHERE ID ='.$segment where $segment is the…
Max
  • 83
  • 1
  • 7
2
votes
1 answer

How to use sqlmap payload in browser manually?

When we use sqlmap, it does everything automatically for finding sql injection of a website. I'm interested in that I send malicious queries directly in my browser and get the results in it, but when I couldn't find anything, I use sqlmap for…
ThisIsMe
  • 71
  • 1
  • 12
2
votes
1 answer

SQLMap succesul inject query browsing

i was wondering if there is a way to browse an SQL query SQLMap was using at the moment of injection so that I could paste this query into my browser and watch it work itself, without automated tools. Example: I use the sqlmap -u…
r4z0r5
  • 21
  • 1
  • 6
2
votes
2 answers

Use date in MapSqlParameterSource in java Spring

I want to fetch result between start_date to end_date so that i can find my product report. sql = new StringBuilder() .append(" select oi.last_modified,oi.product_key") .append(" from orders o join…
Rohit Jain
  • 127
  • 3
  • 9
2
votes
0 answers

Is there any way in sqlmap(sql-injection testing tool) to fetch database tables without running the complete test?

Is there any way in sqlmap(sql-injection testing tool) to fetch database tables without running the complete test? When I test a URL it takes a long time to Complete the whole test and retrieve database tables. Is there any shorter way to do fetch…
Akash Kainth
  • 21
  • 2
2
votes
1 answer

How can I tell sqlmap to check another link?

I have a sql injection point using POST request at the url http://example.com/submit.php which works with the data id=3&submit=submit. This saves the ID in a session $_SESSION[ id ] and you see the output result (which is the name and surname of the…
endritt
  • 21
  • 2
2
votes
1 answer

verify sql injection through sqlmap

I have a small application, there is one field in which I can write a number and submit it, the page request goes to server and I get a response or no response (as per the argument) Now I checked the field for sql injection and got that it is…
user3646405
  • 55
  • 7
2
votes
2 answers

Getting 'connection time out' error each time on the same step in sqlmap

On running sqlmap, I always get an error on following step and then connection gets timed out. [11:44:14] [INFO] testing 'AND boolean-based blind - WHERE or HAVING clause' [11:46:15] [CRITICAL] connection timed out to the target url or proxy, sqlmap…
user3282744
  • 21
  • 1
  • 1
  • 3
1
vote
0 answers

Teach sqlmap to use an already found injection

Prologue: I found a SQL injection in my own old private application. The injection is possible thanks to an older version of hibernate and the setComment(format("my comment. User input is: %s",userInput)); The rendered query looks like this: /* my…
Tim Malich
  • 1,301
  • 14
  • 22
1
2
3
8 9