Author Topic: How to scan a website with sqlmap behind login  (Read 5169 times)


Offline b4b4b0z0r6

How to scan a website with sqlmap behind login
« on: August 21, 2013, 08:53:56 pm »
Hello
I've got access to a system vulnerable to SQL injection and I'm trying to use sqlmap to inject and get access to the database. But there is this problem that the vulnerable target is behind one login instance! And this login thing is provided by a Moodle site which is secure! They are using a single sign-in method! So only after I'm authenticated can I access the vulnerable target!


I wanted to know how I can tell sqlmap to use the login credentials?


Thanks
« Last Edit: August 21, 2013, 09:00:21 pm by b4b4b0z0r6 »
You are representing your parents manner. Be polite Please

Offline s0uthboy

Re: How to scan a website with sqlmap behind login
« Reply #1 on: August 22, 2013, 01:11:29 pm »
sqlmap cannot just avoid the login, but if you know the credentials you can try the switches
Code:
--auth-cred name:password --auth-type (Basic, or Digest, or NTLM)
if it is an HTTP authentication,
try also
Code:
--dbms-cred user:password
if you need to authenticate into the DB. That will work only if you know the credentials.
But I'm not sure that's your case, mmh, maybe an sqlmap output will help.

« Last Edit: August 22, 2013, 08:51:34 pm by s0uthboy »

Offline b4b4b0z0r6

Re: How to scan a website with sqlmap behind login
« Reply #2 on: August 23, 2013, 05:44:36 am »
thank you so much!
But it seems my problem could be solved by using the --cookies option, because this site redirects me for the login and the login info is not in the page itself!


thank you so much  ;D  I've got the access.