Results 1 to 1 of 1

Thread: Help with SQLMap

  1. #1
    Senior Member
    Join Date
    Jan 2010
    Posts
    140

    Default Help with SQLMap

    I am brushing up on php web app testing and I have downloaded the latest version of Damn Vulnerable Web App (DVWA). There is a SQL inject section which I had no problem with exploiting manually. However I would like to try SQLMap against the page but I am having trouble.

    The website uses forms authentication on it's login.php page. You must authenticate before you can get to the SQL injection page which is /vulnerabilities/sqli/. When I try to target the vulnerable page with SQLMap using this command

    Code:
    ./sqlmap.py -u "http://192.168.1.1/vulnerabilities/sqli/?id=1&Submit=Submit"
    I get this response

    Code:
    sqlmap got a 302 redirect to ../../login.php
    This made sense to me so I tried logging in and copying cookie session information into the SQLMap command like this

    Code:
    ./sqlmap.py -u "http://192.168.1.1/vulnerabilities/sqli/?id=1&Submit=Submit" --cookie="PHPSESSID=k9t1eaec3dfqdlktietpp1kci7; security=low"
    The result looks like it just tries SQL injection against the values in the cookie but it doesn't actually use the cookie values for it's own session values because I still get redirected.

    Can anyone help me understand how to use SQLMap against pages that use forms authentication? A link to some information that would help me figure it out would be great. I have tried doing alot of research and haven't been able to find the answer on my own.

    Edit: No one? Bummer. I will give it a shot manually updating the cookie values in BURP and see if I have any better luck. I just feel like there must be a way to use SQLMap against pages with forms based auth. If not that seems like a pretty big limitation.
    Last edited by Dudeman02379; 01-20-2011 at 06:16 AM. Reason: Update

Similar Threads

  1. Sqlmap Parte 1 - Extraccion de Datos
    By Rodolfo in forum BT Videos - ES
    Replies: 0
    Last Post: 08-11-2010, 08:39 AM
  2. sqlmap --os-pwn difficulties
    By signat in forum Experts Forum
    Replies: 0
    Last Post: 05-20-2010, 04:02 PM
  3. SQLMAP is too slow
    By SilverSpam in forum OLD Newbie Area
    Replies: 2
    Last Post: 03-01-2010, 09:17 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •