Re: [sqlmap-users] Sqlmap Beginner

Tue, 30 Jun 2015 08:15:18 -0700 

Hi.

If you are using only GET parameters to pass arguments to your web
application then you could manually find all different links on your web
site containing parameters. Then you should pass those to sqlmap (e.g. by
enlisting them line by line in a file and using option -m to pass such file
to sqlmap or one by one by using option -u).

Also, you can let sqlmap do all the crawling stuff by using e.g.: --crawl 2
--forms.

In case of more advanced cases you should use MiTM proxy (e.g. Burp) and
pass the requests of interest (containing GET and/or POST parameters) by
either option -r or by option -l.

Bye
On Jun 30, 2015 12:07 PM, "Savita" <savitabi...@qsgsoft.com> wrote:

> Hi All,
>
>
>
> I am doing some security tests on a web application and I decided to test
> sqlmap for the first time. From the tutorial post I understood that we need
> to pass a target URL to Sqlmap. But I am not getting, how to get a
> vulnerable URL from our website. Do I need to traverse all the pages of
> website to get vulnerable Url? What all attributes need to be tested to say
> testing for SQL Injection completed? Could you please help me to resolve
> this? I am looking forward to hearing from you.
>
>
>
> Thank you,
>
> Savita
>
>
> ------------------------------------------------------------------------------
> Don't Limit Your Business. Reach for the Cloud.
> GigeNET's Cloud Solutions provide you with the tools and support that
> you need to offload your IT needs and focus on growing your business.
> Configured For All Businesses. Start Your Cloud Today.
> https://www.gigenetcloud.com/
> _______________________________________________
> sqlmap-users mailing list
> sqlmap-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/sqlmap-users
>
>

------------------------------------------------------------------------------
Don't Limit Your Business. Reach for the Cloud.
GigeNET's Cloud Solutions provide you with the tools and support that
you need to offload your IT needs and focus on growing your business.
Configured For All Businesses. Start Your Cloud Today.
https://www.gigenetcloud.com/
_______________________________________________
sqlmap-users mailing list
sqlmap-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/sqlmap-users

Reply via email to