Intro + First Question

Dec 15, 2017 06:58 AM

Hi, I'm new here in the null-byte community and would like to introduce myself. My name's Blank, and I've been into kali for quite some time now but only recently started to take it seriously. From roaming around the web looking for tutorials and informative posts to help me make my way to a PenTester I came across Null-Byte and found it to be quite useful.

Now I'm looking into SqlMap and a lot of times after scanning vulnerable websites (php id=1), it will end my scan with

WARNING GET parameter 'id' does not seem to be injectable

#And in all red:

CRITICAL all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp'). If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')

Now I've tried add --level=3 --risk=3 to my command with similar results and can't seem to get any databases listed so I may continue with --tables, --columns, etc

Thanks :D

Related Articles

637587411395252764.jpg

How to Perform Advanced Man-in-the-Middle Attacks with Xerosploit

635211718118959676.jpg

How to Get Unlimited Free Trials Using a "Real" Fake Credit Card Number

Comments

No Comments Exist

Be the first, drop a comment!