cancel
Showing results for 
Search instead for 
Did you mean: 
Reply
Highlighted
deep666 Frequent Visitor
Frequent Visitor

sol injection

I tried to exploit a vulnerability that was found with a program that find vulnerable but sqlmap says this message though it's vulnerable to be cause and how I can go over

[WARNING] The GET parameter 'query' does not seem to be injectable
[18:18:41] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '-level' / '- risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp'). If you suspect that there is some kind of protection mechanism involved (eg WAF), maybe you could try again with a '--tamper' option (eg '--tamper = space2comment')

1 ACCEPTED SOLUTION

Accepted Solutions
markp Frequent Visitor
Frequent Visitor

Re: sol injection

going from what you have posted it seem that sqlmap is telling you that the tests it ran cant find a way to inject.

Have you tried using the parameters in the logs?

View solution in original post

2 REPLIES 2
markp Frequent Visitor
Frequent Visitor

Re: sol injection

going from what you have posted it seem that sqlmap is telling you that the tests it ran cant find a way to inject.

Have you tried using the parameters in the logs?

View solution in original post

deep666 Frequent Visitor
Frequent Visitor

Re: sol injection

i have used parameters from the documentation and vain the parameter is vulnerable as it is found with owasp zap but can not pass those waf protectors with code can use to be able to pass for filtering

Helpful resources

Announcements
Can You Solve These Challenge

Challenge: Can You Solve These?

Find out how to participate in the first Power BI 'Can You Solve These?' challenge.

Community News & Announcements

Community News & Announcements

Get your latest community news and announcements.

Virtual Launch Event

Microsoft Business Applications October Virtual Launch Event

Join us for an in-depth look at the new innovations across Dynamics 365 and the Microsoft Power Platform.

Community Kudopalooza

Win Power BI Swag with Community Kudopalooza!

Each week, complete activities and be qualified in the drawing for cool Power BI Swag.

Users Online
Currently online: 359 members 3,809 guests
Please welcome our newest community members: