Reputation:
Sqlmap, using technique
In sqlmap I want to use time-based blind sqli technique. --technique= comes with a default of BEUSTQ which letter should use for time based blind only?
Upvotes: 6
Views: 39670
Answers (2)
Reputation: 554
Accepted answer seems incorrect from my point of view. For a time based blind SQL injection, you should use letter T, for example --technique=T .
The list of techniques with its letters is as follows:
- B: Boolean-based blind
- E: Error-based
- U: Union query-based
- S: Stacked queries
- T: Time-based blind
- Q: Inline queries
Upvotes: 15
Reputation: 152
i think u should have a cookie for sql time-based blind .
For example tihs
sqlmap -u 'http://192.168.85.129/vulnerabilities/sqli_blind/?id=&Submit=Submit' --cookie="PHPSESSID=1k37fvfqn08c82ua7qrgvp3su4; security=low" --dump --users --passwords
or this is for --technique=BEUSTQ .
--banner --technique=BEUSTQ --level=1,2,3,4,5
GET and POST parameters are always tested, HTTP Cookie header values are tested from level 2 HTTP User-Agent/Referer headers' value is tested from level 3. --risk=1,2,3,4 The default value is 1 which is innocuous for the majority of SQL injection points. Risk value 2 adds to the default level the tests for heavy query time-based SQL injections and value 3 adds also OR- based SQL injection tests. --second-order=visible_page_url Injection
Upvotes: 5
Related Questions
- Efficient way for creating mapping
- How sqlmap internally works?
- Retrieving data from sql in java class
- Specify parameters with SQLMAP
- Performing SQL query programatically with Java Collections/Map
- Calling hashmap map
- SQLMAP to test sql injection
- Java With SQL Mapper
- mapping result in sql server
- How to map multiple records using SqlMap in Ibatis