0

I am doing some pentests against one of my websites that is currently being built (a school project)

And I am trying to make sure it's security at it's best.

(Yes, I do have the correct parameters and the site is vulnerable to SQLi Injections.

It does continue it's scan but it will then ask the [y/n] and I choose [y] and it just stops and doesn't scan. I've tried doing a fresh clone of sqlmap and that didn't work.

Anything that can help would be appreciated.

root@kali:~# sqlmap -u http://myschoolproject.com/ --dbs
[1] 1372
bash: --dbs: command not found

(It will scan until asked a [y/n])



it looks like the back-end DBMS is 'MySQL'. Do you want to skip test payloads specific for other DBMSes? [Y/n] y

[1]+  Stopped sqlmap -u http://myschoolproject.com/
melpomene
  • 84,125
  • 8
  • 85
  • 148
xor
  • 3
  • 2
  • 3
  • 2
    What's the actual url (you can replace the host by `example.com`)? Does it contain a `&` somewhere? – melpomene Jul 08 '16 at 16:59
  • Yeah, sorry about that. I forgot to include it when editing the code and replacing my site with a random one. It's ( index.php?cat=4 ) – xor Jul 08 '16 at 17:03

1 Answers1

2

That sounds like you have a & in there. In bash, foo & bar runs the command foo in the background and bar in the foreground.

So if your URL actually looks like http://myschoolproject.com/index.php?cat=4&attr=95,76, that command is interpreted as

sqlmap -u http://myschoolproject.com/index.php?cat=4 &
attr=95,76 --dbs

The first command runs sqlmap in the background (with a truncated URL); this explains the [1] 1372 part (that's what bash shows then starting a background process). The second command runs --dbs in the foreground (with attr set to 95,76 in the environment); this explains the bash: --dbs: command not found error.

In any case, the solution is to quote the URL with single quotes:

sqlmap -u 'http://myschoolproject.com/index.php?cat=4&attr=95,76' --dbs
melpomene
  • 84,125
  • 8
  • 85
  • 148