Can sqlmap be used to extract data if the attack is blind?
I’m solving this challenge/lab where SQLi is inside the cookie parameter. After solving it manually, I thought to check if it can extract data. I used sqlmap with –cookie=COOKIE* (Notice * that’s the marker to tell sqlmap about the inject… Continue reading Can sqlmap be used to extract data if the attack is blind?