Hi I'm trying to do a SQL injection in a login form. With BurpSuite I intercept the request: POST /xxxx/web/Login HTTP/1.1 Host: 10.0.0.70:42020 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X...

I need to do SQL injection on a part of cookie using sqlmap. The target URL is static. A sample cookie: Cookie1=blah_var1/blah_val1/blah_var2/blah_val2/searchtext/userinput/blah_var3/blah_val3/....

In sqlmap I want to use time-based blind sqli technique. --technique= comes with a default of BEUSTQ which letter should use for time based blind only?

I was running a SQLInjection with sqlmap. My page has an error of sql but the error shows up once you logged in your account(Example: page.com/login.php and when you log you go to page.com/index.ph...

I'm a student learning php & mysql development. i have setup a private lab ( VM ) inside my computer to test & learn how sql injection works. When things get harder i use sqlmap to exploit ...

Pulling database tables and columns works fine using SQLMAP, but as I try to execute an INSERT statement I get the following error: query: sqlmap -u "http://www.example.com/details.php?item_id=32...

I am trying to understand how SQLmap works. For example, sqlmap finds injection on my site - Place: GET Parameter: selected Type: UNION query Title: MySQL UNION query (NULL) - 5 columns Payloa...