sqlmap – Page 6 – WindowsTechs.com

Why the – in SQL injection? [closed]

Posted on February 28, 2022 by Questioner

The — can be used as a comment in SQL injection to ignore the rest of a line, however I am freqently seeing a single dash – used.
Here are two example queries from Security Idiots.
http://fakesite.com/report.php?id=23 and 0 union select 1… Continue reading Why the – in SQL injection? [closed]→

How to modify a database through SQL injection UNION?

Posted on February 21, 2022 by ilich262

I need help with an sqli exercise. I used sqlmap to find a UNION vulnerability.
I managed to get the H2 version with this payload:
string’) UNION ALL SELECT NULL,H2VERSION(),NULL,NULL,NULL–

But I would like to modify the database. I tri… Continue reading How to modify a database through SQL injection UNION?→

sqlmap testing JSON data in a cookie [closed]

Posted on February 17, 2022 by Ilqar Sadiqov

I am testing some website for sql injection and found with burp suite that this website is vulnerable.
I have tested sql injection and executed some sql queries successfully within burp suite. Now I want to use sqlmap. Burp suite found a v… Continue reading sqlmap testing JSON data in a cookie [closed]→

SQLmap: identified time-based blind, able to retrieve banner, but cannot retrieve database names, target behind firewall [closed]

Posted on February 7, 2022 by Kirk

I’m trying sqlmap (newest stable version {1.6#stable}).
Here’s my situation & current result:

The target is behind a firewall. Sometimes the firewall blocks my ip & shows a recaptcha.
So it seems that I can’t get reliable result. … Continue reading SQLmap: identified time-based blind, able to retrieve banner, but cannot retrieve database names, target behind firewall [closed]→

Cloudflare SQLinjection protection

Posted on January 19, 2022 by nonetype

I’m testing for vulnerabilities for a specific site using sqlmap. However, the site has a cloudflare firewall which blocks queries including for example *, ANY or OR. I sort of found a bypass while searching for people who’ve bypassed it. … Continue reading Cloudflare SQLinjection protection→

SQLMAP payloads don’t work manually, why?

Posted on January 5, 2022 by kellyr

I was trying out SQLMAP on DVWA (medium security for SQL injection), and I did get a set of payloads (sqlmap chucked out a few payloads that should have worked). But entered manually, I couldn’t get the payloads to work. If I let sqlmap do… Continue reading SQLMAP payloads don’t work manually, why?→

How to use sqlmap to test a chain of requests

Posted on December 10, 2021 by Elliot

I’m trying to use sqlmap to test an application where a search is performed in two requests.
The first request-response pair is like
POST /endpoint.aspx
Host: example.com
Qf_status: 0
Qf_find: searchstring
Content-Length: 0

HTTP/1.1 200 … Continue reading How to use sqlmap to test a chain of requests→

API Sql Injection Need help

Posted on December 5, 2021 by Ricky

I need some help with sqli in API.
Webserver IIS 8.5
GET request looks like this
…
https://example.com/api/Search?q=Landing

Response look like this
HTTP/1.1 200 OK
…
[{"pageId":1,"pageName":"Landing Page"… Continue reading API Sql Injection Need help→

API Sql Injection

Posted on December 5, 2021 by Ricky

I need some help with an SQL injection at an API.
Webserver IIS 8.5
The GET request looks like this
…
https://example.com/api/Search?q=Landing

The Response looks like this
HTTP/1.1 200 OK
…
[{"pageId":1,"pageName":… Continue reading API Sql Injection→

How to utilise sqlmap’s blind enumeration when you already know the SQL injection query

Posted on November 28, 2021 by Mark

I am looking for some help on how to get the best out of sqlmap. I am practising on a web application that runs the following query when the login form is submitted:
SELECT * FROM Users WHERE username = ‘<form-username-value>’ AND pa… Continue reading How to utilise sqlmap’s blind enumeration when you already know the SQL injection query→