Official Usage Discussion

Sqlmap is a background process, that’s one of the early things you do while you look through other attack vectors.

Hi Matt,
Can you please advise on how you automate SQLMap to run in the background?
The way I use SQL Map is downloading the request from Burp and sending that to SQL Map to try inject a specific parameter.

The reference to running SQL in the background means that as SQLmap runs in the terminal, you would be in the browser looking at the website for vulnerabilities, or off in another terminal tab setting up a directory or sub-host fuzzer or some such. Nmap and SQLmap and other enumeration functions that are time-consuming work best when you begin with them and let them run in the background while you focus your attention on other things.

why does the password hash appear to be invalid by hashid ?

I got the password but when I try to login it says wrong creds or 419 page expired. Could use a hint.

need a hint, i was able to crack the admin password, how do i bypass the email authentication or find the admins email credentials, ive enumerated the entire database and cant find them

1 Like

its not a commonly known hash by hash identifier, you can run it through something else to find out what encryption algorithm it is

1 Like

Anyone was able to use either id_rsa from any user? got root flag but could not use dash nor root id_rsa. It denied the file through ssh user@ip -i id_rsa, permissions were 600. Not sure if the machine was made to reject those logins

I’m very stuck with the admin hash cracking part, I tried different modes and nothing seems to work. Any hint ?

I heard through the grapevine that somebody had better luck with john than hashcat…

Even john is too slow

You gotta think on your feet, privesc a lower level user if john is too slow.

Encountered the same problem here :frowning:

Do you know what type of hash it is?
If you know it, you cand find its corresponding mode number using grep ( hashcat --help | grep “Hash Type”). Remember to add the whole hash to a new file.

BTW hashcat takes a lot of CPU power so if you do not have a very goot core, it’ll be better to use john

Hi gang,
im struggling with sqlmap, can someone assist? it seems to recognise the vulnerability as a false positive.

I am trying to solve hack the box USAGE active machine, but the webpage is showing as trouble connecting to it, i tried subdomain enumeration, directory enumeration and all other methods to find the login page but I haven’t found any and I am using pwnbox not my personal VM so is there a problem with the pwnbox or did i used the wrong method either way it will be much appreciated if u guys can tell me how can i find the login page.
here is the screenshot for reference

Hello bbzrta, DM if you want

change https to http and remove www

ffs, revshell is so annoying, netcat not working fro some reason while I can telnet

Can someone help with the revshell in DM, please?