Reputation: 13
How to set up sqlmap injection with xampp?
Now I use xampp for simulate server and I don't know how to post my code stackoverflow doesn't let me do.
So I download Python ver2.7 and sqlmap for trying to injection my website (.php).
and I search tutorial in Internet and get struct with this command "sqlmap.py -u "link". My question is about at the end of the link in tutorial have a ".php?id=1" and they found id by search in Google. But my server is xampp I can't search in Google too. so what does "id=" mean? and is there anyway to injection and get all of database of this website.
because I type sqlmap.py -u "http://localhost/secure/sc.php" or even I put--level=3 --risk=3` output still be
[CRITICAL] all tested parameters appear to be not injectable.
Is xampp can do this injection sqlmap or I should try another server simulator?
Upvotes: 1
Views: 3735
Answers (1)
Reputation: 42622
Yes, XAMPP is just fine.
You need to help sqlmap a bit and tell which are the parameters that your script takes and provide some valid values.
For example
sqlmap.py -u "http://localhost/secure/sc.php?id=1&name=Joe"
Additionally you can put an *, to mark a parameter that you would like to test.
sqlmap.py -u "http://localhost/secure/sc.php?id=1*&name=Joe"
Upvotes: 1
Related Questions
- SQLMap succesul inject query browsing
- How to do sql injection in seed lab
- Specify parameters with SQLMAP
- Sqlmap post data
- two parameters with SQLMAP
- verify sql injection through sqlmap
- How can I inject SQL into my site?
- SQL injection simulation example
- PHP + Oracle - How to perform SQL injection?
- PHP with SQL Injection