Questions tagged [sqlmap]

sqlmap is an "Automatic SQL injection and database takeover tool". It can be used to detect flaws in any software with an underlying SQL database.

sqlmap is an open source penetration testing tool that automates the process of detecting and exploiting SQL injection flaws and taking over database servers. It comes with a powerful detection engine, many niche features for the ultimate penetration tester, and a broad range of switches, from database fingerprinting and fetching data from the database to accessing the underlying file system and executing commands on the operating system via out-of-band connections.

128 questions
-1 votes, 1 answer

ibatis sqlmapclient loading issue

I'm loading sqlmapclient in spring_config.xml like below
syril
-2 votes, 1 answer

How to test this vulnerability?

The query time is controllable using parameter value [' | case randomblob(1000000000) when not null then "" else "" end | '], which caused the request to take [142] milliseconds, parameter value [' | case randomblob(1000000000) when not null then ""…
Tsombie
-2 votes, 2 answers

sqlmap syntax don't ask any question during work

I'm using Python to execute sqlmap, get the response and log it in one file, but during the run sqlmap asks many questions about params or ... but I only need a simple and fast answer about whether my URL has any hole or not; if it has, give me a report…
ali frd
-3 votes, 1 answer

bad interpreter: /usr/bin/python3: no such file or directory on Kali Linux

I'm using Kali Linux. When I tried sqlmap, I got an error, which is zsh: /usr/bin/sqlmap: bad interpreter: /usr/bin/python3: no such file or directory It seems python3 does not exist. But it showed something weird. apt-get install python3 Reading package…
Ryoma
-3 votes, 1 answer

How to do security testing for API

I have an API like "/getXXXX?ABC=X7TRYUV&Ab_DEF=true&Ab_XYZ=true&Ab_ExZ=ZXTY" How can I check the vulnerability of the request parameters? What type of strings can I pass? I ran the API in the Wapiti and SQLMAP tools but found no issue. Manually I have…
user1726460
-3 votes, 3 answers

How do I decrypt the following hash from a sqlmap output?

These are outputs for data in column Password from a table. 09630c2f8c3eb76a0c9e4f937bccae58 033b06ca049426c24789e2cb5c53a25d How do I decrypt this given that I've run it through different hash decrypting programs and keep getting an error? What…
-4 votes, 2 answers

How does sqlmap detect this SQL injection in my script?

I can inject SQL with sqlmap but am unable to understand how this works. There is no echo or print command on my script, but sqlmap returns data with database name and details. Here is the instance it has found: $sql ="SELECT * FROM application…
Asik
-6 votes, 2 answers

How to make an url show it? ?id=1

I'm trying to create a simple site for local test, but I need to show on URL the following: ?id=1 How can I do it?
Alan Godoi