HELP! SQLMap Essentials - What's the contents of table flag4? (Case #4)

Hi, I have been struggling for 2 days now with this question . Almost nothing is mention in the module about JSON and I am quite new to all this. I was able to get the Request Headers into a File and then try to run sqlmap -r file.txt , but it gave me an error. If anyone can point me into the right direction i will appreciate it, I have been trying everyting and there is almost no information online about sqlmap addresing JSON. Thanks in advance for the help it is much appreciated.

Hey, without seeing the whole command you are using I can only take a guess. Feel free to DM me the line you are using.

However, make sure that you are structuring your data right. If you try to send: --data 'uid=1&name=test' to a server app expecting JSON, then its probably going to error out. Make sure your --data field is in JSON format when you run SQLMap. Also, as a soft rule, make sure you use --batch and --dump they are major time savers.

Try running with that, and DM me for if you need more clarity.


thanks! I actually was able to solve it with your help

No problem! Glad to hear that you got it.

Hey Guys,
I am stucked in the same topic for a very long time now.
I think I did the command as @onthesauce told us to do:

sqlmap -u ‘’ --data {JSON} --batch --dump

The result I got tells me, the parameter does not seem to be injectable.
Hopefully some of u can help me…
Thank you in advance for your help, it is much appreciated!

Hey DM me a screenshot of the command you are trying.

Are you being sure to wrap the JSON data in single quotes on the outside and double quotes on the parameters?

Let me know,

1 Like

Hey, very thank you for responding!
Meanwhile I got it, in the end I created a new request-file used the -r flag.
Nevertheless I could send you the old command, perhaps you find my mistake.

Greets, nxklxn

Hey no worries,

I just realized you were missing the -X POST switch in the command. SQLMap was probably trying to make GET requests and the application didn’t recognize it.

Although sounds like you found an interesting work around.

I’m stuck here too if anyone can help. I saw the -r flag in the hint. Where do we get the content to put behind the -r flag? I get the following error with this command: “[CRITICAL] specified HTTP request file ‘req.txt’ does not exist.”

sqlmap -u SERVER_IP:PORT/case4.php -r req.txt

I don’t know how to get the Headers properly like in the tutorial and if some other guys are interested…

sqlmap ‘the_case4_url’

And the flag should be there, as it did for me.

hello, i am currently stuck on this quick. Tried the options above but still receiving error messages. If anyone can help.

My advice is to use burp :

  1. Be on the list of cases and have requests intercepted ready.
  2. Click “Forward” until you catch the expected request
  3. Copy the request to a file
  4. sqlmap -r case4.txt --batch --dump