HELP! SQLMap Essentials - What's the contents of table flag4? (Case #4)

Hi, I have been struggling for 2 days now with this question. Almost nothing is mentioned in the module about JSON and I am quite new to all this. I was able to get the Request Headers into a file and then try to run sqlmap -r file.txt, but it gave me an error. If anyone can point me in the right direction I will appreciate it. I have been trying everything and there is almost no information online about sqlmap addressing JSON. Thanks in advance for the help, it is much appreciated.

Hey, without seeing the whole command you are using I can only take a guess. Feel free to DM me the line you are using.

However, make sure that you are structuring your data right. If you try to send: --data 'uid=1&name=test' to a server app expecting JSON, then it's probably going to error out. Make sure your --data field is in JSON format when you run SQLMap. Also, as a soft rule, make sure you use --batch and --dump; they are major time savers.

Try running with that, and DM me if you need more clarity.

2 Likes

Thanks! I actually was able to solve it with your help.

No problem! Glad to hear that you got it.
-onthesauce

Hey Guys,
I have been stuck on the same topic for a very long time now.
I think I did the command as @onthesauce told us to do:

sqlmap -u 'xxx.xxx.xxx.xxx:ppppp/case4.php' --data {JSON} --batch --dump

The result I got tells me the parameter does not seem to be injectable.
Hopefully some of you can help me…
Thank you in advance for your help, it is much appreciated!

Hey, DM me a screenshot of the command you are trying.

Are you making sure to wrap the JSON data in single quotes on the outside and double quotes on the parameters?

Let me know,
-onthesauce

1 Like

Hey, thank you very much for responding!
Meanwhile I got it; in the end I created a new request file and used the -r flag.
Nevertheless I could send you the old command, perhaps you can find my mistake.

Greets, nxklxn

Hey no worries,

I just realized you were missing the -X POST switch in the command. SQLMap was probably trying to make GET requests and the application didn’t recognize it.

Although it sounds like you found an interesting workaround.
-onthesauce

Could you also help me?

I'm trying to use the following command:

sqlmap 'http://178.62.106.159:31250/case4.php?id=1' --data {"id":1} --dump --batch

But I receive the error: [WARNING] (custom) POST parameter 'JSON-like id' does not seem to be injectable

I don't know what more to do. Stuck on it for about 2 hours.

Yeah no worries,

/case4.php?id=1'

That doesn’t look right. Also read what I wrote above about specifying the POST switch. You may need to wrap your JSON data in ' as well. Fix those items and give it another go.
-onthesauce

2 Likes

I love you so much.

It worked now!

1 Like

What works well is to use Burp and then save the JSON/request to a file and use -r file.txt.

Burp will tell you right away you are dealing with JSON.

For anyone who is still struggling: when they say JSON data must be wrapped in single quotes and parameters in double quotes, they mean:

{' "parameter":value '}

1 Like
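Why the quoting discussed in this thread matters, as an added example that is not part of any post above: it shows the exact string a program receives for each way of writing the JSON body on the command line. The helper names `received` and `is_json_pair` are hypothetical, and the check is a rough pattern for a single "key":value pair, not a JSON parser.

```shell
#!/bin/sh
# Added example (not from the thread): what the shell hands to a program
# for each quoting style of a JSON body such as the one passed to --data.

# received: stands in for any CLI that takes the body as a single argument.
received() { printf '%s' "$1"; }

# is_json_pair: rough check for {"key":value} with a double-quoted key.
# Hypothetical helper, not a full JSON validator.
is_json_pair() {
    printf '%s' "$1" | grep -Eq '^\{ *"[^"]+" *: *[^ {}]+ *\}$'
}

unquoted=$(received {"id":1})        # -> {id:1}      shell strips the double quotes
wrapped=$(received '{"id":1}')       # -> {"id":1}    single quotes protect the body
inner=$(received {'"id":1'})         # -> {"id":1}    braces outside the quotes
spaced=$(received {' "id":1 '})      # -> { "id":1 }  spaces kept inside the quotes
escaped=$(received "{\"id\":1}")     # -> {"id":1}    escaped inner double quotes

# Print each received string and whether a JSON endpoint could parse it.
for body in "$unquoted" "$wrapped" "$inner" "$spaced" "$escaped"; do
    if is_json_pair "$body"; then
        printf '%-14s valid JSON pair\n' "$body"
    else
        printf '%-14s NOT valid JSON (key lost its double quotes)\n' "$body"
    fi
done
```

Only the unquoted form reaches the program as `{id:1}`, which a server expecting JSON cannot parse; the other four all arrive with the key still in double quotes.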

I'm stuck here too if anyone can help. I saw the -r flag in the hint. Where do we get the content to put behind the -r flag? I get the following error with this command: "[CRITICAL] specified HTTP request file 'req.txt' does not exist."

sqlmap -u SERVER_IP:PORT/case4.php -r req.txt

The req.txt is just the name HTB gave to the .txt they created; it needs to be a .txt with the request you captured. But at least for me, it takes me directly to the table; there's nothing I can capture with Burp, so the hint seems like total bullshit.

This command

sqlmap -u http://167.99.82.164:32538/case4.php -X POST --data {'"id":1'} --dump --batch

is what worked for me.

Thank you, Paupa. I ended up getting that one; I can't remember how. Perhaps it was the same as or similar to your command. Appreciate you sharing.