I was running a SQLInjection with sqlmap. My page has an error of sql but the error shows up once you logged in your account(Example: page.com/login.php and when you log you go to page.com/index.php?id=1 and here the sql error is evident). When i run sqlmap on page.com/index.php?id=1 the page redirects the sqlmap to page.com/login.php.It's possible to provide sqlmap a user and a password to make sqlmap log in the account and then perform the SQLInjection? Thank you for your time
Asked
Active
Viewed 1.9k times
1 Answers
8
You can use cookie parameter with sqlmap. First, log into your account and learn your cookie information then you can use --cookie parameter. For example when login my account, my cookie is PHPSESSIONID=ajksdgadhakjsdhak. After that, you could do just like command below in your terminal.
sqlmap.py --url http://page.com/index.php?id=1 --cookie='PHPSESSIONID=ajksdgadhakjsdhak' --dbs
