sqlmapproject / sqlmap

Automatic SQL injection and database takeover tool
http://sqlmap.org

SqlMap Asking for query String #4149

Closed johnnyAnd closed 4 years ago

johnnyAnd commented 4 years ago

I am trying to perform sqlmap locally and checking penetration testing of my website.

When I run a vulnerability scanner, it shows a SQL injection error with HTTP like this:

GET /index.php/search/FB3hw7'''''''/assets/assets/assets/assets/assets/assets/assets/assets/assets/assets/assets HTTP/1.1
X-Requested-With: XMLHttpRequest
Referer: http://xxxxxxxxxxxxx
Cookie: csrf_cookie_name=1b8ca9d5f78dc5a39b7fc91178a224fe; ci_session=xxxxxxbxxxxxxxxxxxxxxxxxxxxxxxxxmnet_session_depth=1%7C1585121878235; B=72uo4d1f7m2mf&b=3&s=au
Host: 127.0.0.1
Connection: Keep-alive
Accept-Encoding: gzip,deflate
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.21 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.21
Accept: /

Now the problem I am facing is when I copy the HTTP request into a sample.txt file.

I do python sqlmap.py -p sample.txt

It gives me an error that I haven't mentioned any injectable parameter. However, if I simply paste the URL in the browser, it throws a SQL error. How to resolve this issue?

stamparm commented 4 years ago

https://github.com/sqlmapproject/sqlmap/wiki/Usage#uri-injection-point