Collaborate Disseminate
I’ve studying and practicing different approach to SQLi filter bypass and I faced a challenge. What if the WAF filters look for specific strings rather than SQL keywords?
Example:
Filter: /UNION/
SQLi: UnIoN
Filter: /UNION/i
SQLi: un/**/i… Continue reading SQLi Filter Bypass with banned table/column names
What’s the best way to dump 10 million of records from db using sqlmap ?
Was trying to dump the whole database of a test website with 10KK+ entries in 1 tables. Right now using the following commands:
sqlmap -u website.com/php?id=123 -D db… Continue reading Dumping a lot of data using SQLMap faster
What’s the best way to dump 10 million of records from db using sqlmap ?
Was trying to dump the whole database of a test website with 10KK+ entries in 1 tables. Right now using the following commands:
sqlmap -u website.com/php?id=123 -D db… Continue reading Dumping a lot of data using SQLMap faster
Is it possible to dump 10 million records using sqlmap in a short time? For example, 4-5 hours?
I also try the option of –dns-domain but still 4 days running now. Any ideas?
Or some other tools?
Continue reading Dump 10 million records fast with sqlmap [closed]
Hi I’m relatively new to sqlmap and trying to find an exploit in my project web. Here is how i run it;
python3 sqlmap.py -u http://localhost/output3/members.php?valueToSearch=mira
I have tried to use the various variables along with it as… Continue reading sqlmap SQL injection not injecting [closed]
I am fairly new to sql injections and tried to solve a little hackit to understand everything better. I wasn’t able to solve one of the levels so I ran sqlmap to see what it would do. The payloads that I got looked a bit like this
http://s… Continue reading Understanding sqlmap’s payload for blind sql injection
I am studying sqli and I found a blind sqli vulnerability in a cookie and I have exploited manually, however, I would like to detect and exploit it with sqlmap.
Cookie looks like javascript object with this structure: user_info={"user… Continue reading Execute sqlmap in a javaScript object cookie
I repost my question, I’ve deleted the parts that had banned in the previous question. I post only the output of sqlmap (without any references)
Can anyone help me to dump this specific case?
I can’t retrieve "INFORMATION_SCHEMA"… Continue reading help with sqlmap (repost with deleted parts) [closed]
I can’t do dump on this specific case.
I try this command but nothing.
Can anyone help me with SQL injection in this case?
sqlmap -u "http://www.\\hidden-content/index.php?action=view_event&details=184%20AND%203*2*1=6%20AND%20319=… Continue reading Problem to bypass "Suhosin patch" in Sqlmap [closed]
I have accessed a database and using –is-dba , I know that the user IS NOT database admin and also using –privileges , I know that the privileges is USAGE . Now I want to know is this the reason that sqlmap is only dumping the ID column … Continue reading Why does sqlmap dump column ids only?